Marks & Spencer Ends Contract with TCS Months After Cyberattack

UK-based retailer Marks & Spencer (M&S) has ended its decade-long contract with Tata Consultancy Services (TCS), the Indian IT giant that managed its service desk operations. The decision was made in June 2025, just months after a major cyberattack that disrupted M&S’s services and affected thousands of customers.

Contract Ended After Internal Review

According to reports, the contract termination followed an internal review conducted by TCS. M&S confirmed the end of the partnership but did not specify the reasons behind the move. The development came after TCS was initially suspected to be responsible for the cyber breach but was cleared of any wrongdoing in April 2025 following an internal investigation.

TCS emphasized that the two events — the cyberattack and the end of the contract — were unrelated. The company stated that M&S had already begun a competitive procurement process in January 2025 and selected another service provider well before the April incident.

A statement cited by The Financial Times noted that M&S’s decision was part of a “regular procurement cycle,” unrelated to the cybersecurity breach.

Also Read: Orkla India IPO Shows Strong Grey Market Premium Ahead of Launch

Cyberattack Details and Financial Impact

The cyberattack occurred during the Easter weekend on April 19, 2025, when M&S customers were unable to make contactless payments or use the Click & Collect service across 1,049 stores in the UK. By April 21, the disruption had spread nationwide.

Investigations revealed that hackers accessed M&S systems by phishing employees of a third-party vendor and stealing their login credentials. The ransomware group “Scattered Spider” was later identified as the culprit, although earlier, another group named DragonForce falsely claimed responsibility by emailing M&S’s CEO directly.

As per M&S’s May forecast, the cyberattack could reduce its operating profits by up to £300 million ($405 million) in the FY2025–26 period. However, the retailer expects to recover part of the losses through insurance and cost-control measures.

TCS Clarifies Relationship and Ongoing Work

TCS stated that despite the end of the service desk contract, it continues to provide other IT and technology services to M&S. The company serves over 200 clients in the UK, spanning industries like finance, energy, water, and nuclear, with major partnerships including Jaguar Land Rover, Rolls-Royce, and the UK Ministry of Defence.

M&S Declines Further Comment

When asked if the cyberattack played any role in ending TCS’s contract, M&S declined to comment. However, internal remarks by Archie Norman, M&S Chair, before Members of Parliament in June, suggested that the attack involved “sophisticated impersonation” through a third-party system.

Despite speculation, both companies maintain that the decision to part ways was part of standard business review processes and not directly linked to the cybersecurity incident.

Click here to explore:
FII DII Data
IPO
BSE Sensex