M&S hackers may have gained access via IT partner TCS

02 June 2025 Consultancy.uk

A major cyber breach at UK retailer Marks & Spencer has thrust its IT services provider into the spotlight. Tata Consultancy Services is currently conducting an internal investigation, to determine if it could have been the gateway hackers used to access its client’s systems.

In recent weeks, the UK’s retail sector has been rattled by high-profile cyber hacks. Marks & Spencer has been perhaps the most impactful. M&S chief executive, Stuart Machin, said it will take an estimated £300 million hit to profits this year from the damaging cyber-attack that it expects to disrupt its online business into July.

The Metropolitan Police's cyber-crime unit and the National Crime Agency (NCA) are investigating the M&S attack. But they will not be the only ones.

M&S said the hackers who had accessed its systems via a “third party” – a company working alongside it – rather than via a direct attack. According to reports from the BBC, Tata Consultancy Services (TCS) is therefore conducting its own internal investigation, to determine whether it was the gateway for the cyber-attack on M&S.

TCS has provided services to M&S for more than a decade. In 2023, it said in a press release that TCS and M&S were “recognised for their collaboration to build an in-house loyalty platform using the latest technology stack, an engineering-driven approach, and a cloud-first strategy to enhance customer experience”. The collaboration was a driving factor in TCS’ Retail Partnership of the Year award win that year.

While it is not clear when TCS launched its investigation – and the firm declined to comment when approached by the BBC – The Financial Times has also reported people close to the investigation expect the inquiry to conclude by the start of June.

In February 2024, TCS also announced a new partnership with British retail cooperative The Co-op, working to revamp its IT infrastructure and adopt a cloud first strategy.

Avoiding the next headline

Following a wave of high-profile cyber-attacks on major UK retailers including Co-op and Harrods, and M&S, cyber security expert Katherine Kearns from S-RM recently urged companies to tighten supply chain security to avoid becoming the next headline. According to Kearns, firms should identify critical vendors as a first step. 

She explained, “Begin by understanding the organisation’s third-party exposure and the impact this can have on the business. It is particularly important to identify and inventory third-party suppliers that have access to sensitive data, have access into your internal environment, provide critical software, and could significantly affect business continuity if disrupted.”

More on: Tata Consultancy Services
United Kingdom
Company profile
Tata Consultancy Services
Tata Consultancy Services is not a United Kingdom partner of Consultancy.org
Partnership information »
Partnership information

Consultancy.org works with three partnership levels: Local, Regional and Global.

Tata Consultancy Services is a not a partner of Consultancy.org.

Upgrade or more information? Get in touch with our team for details.

Send
Air New Zealand signs 5-year digital partnership with Tata Consultancy Services
Australia
Air New Zealand signs 5-year digital partnership with Tata Consultancy Services Tata Consultancy Services has signed a five-year partnership deal with Air New Zealand to help modernise the Kiwi carrier’s digital infrastructure and position it at the forefront of AI innovation.
30 March 2025
TCS strikes deal with Chorley Building Society
United Kingdom
TCS strikes deal with Chorley Building Society Tata Consultancy Services has announced a new deal with Chorley Building Society to digitally transform its core banking system and support the society's growth plans.
27 December 2024
Sangram Sahoo on the growth of Tata Consultancy Services in Peru
Peru
Sangram Sahoo on the growth of Tata Consultancy Services in Peru From his base in Lima, Sangram Sahoo leads the Peru business of Tata Consultancy Services, a global technology and IT services company.
16 December 2024
Air France-KLM launches group-wide data transformation with TCS as partner
Europe
Air France-KLM launches group-wide data transformation with TCS as partner Air France-KLM has launched a major IT transformation aimed at moving its full data infrastructure to the cloud, with Tata Consultancy Services serving as its key technology partner.
07 November 2024
Reap the benefits of GenAI while protecting against the cyber security risks
India
Reap the benefits of GenAI while protecting against the cyber security risks While the rapid rise of generative AI (GenAI) is offering businesses a wide range of benefits and opportunities, the technology is at the same time exposing them to cyber security risks, which should
30 October 2024
Nvidia and TCS announce partnership to accelerate AI adoption
United Kingdom
Nvidia and TCS announce partnership to accelerate AI adoption Tata Consultancy Services has founded a new business unit with Nvidia, to offer industry specific expertise to businesses implementing AI transformations.
29 October 2024
Mansfield Building Society strikes deal with TCS to boost digital customer experiences
United Kingdom
Mansfield Building Society strikes deal with TCS to boost digital customer experiences Tata Consultancy Services has announced a new deal with Mansfield Building Society to enhance member and intermediary experiences.
19 September 2024
Business leaders still struggling to put AI hype to practice
United Kingdom
Business leaders still struggling to put AI hype to practice According to a new international study, more than eight-in-10 executives say they have deployed artificial intelligence in their firms to enhance revenue.
21 June 2024

Cyber Security news

Cyber Security consulting firms Cyber Security consulting services

Retail news

Retail consulting firms Retail consulting services