M&S has renewed a partnership with the IT services provider whose employees were reportedly tricked by hackers in the massive cyberattack on the retailer last year.
The log-in details of two Tata Consultancy Services employees were reported to have been used in the breach of M&S’s digital defences that all but wiped out its first-half profits.
M&S CEO Stuart Machin said in May that the breach of its systems during the 2025 Easter bank holiday was the result of “human error” by a “third party” that fell victim to “social engineering” techniques of hackers.
M&S terminated a contract with TCS as service desk provider in October, in a decision which both parties said had been taken before the cyberattack took place.
The contract that has been renewed relates to technology strategy support.
TCS said it would support M&S as it transformed to become an omnichannel, data-driven retailer supported by globally best-in-class modern technologies. It said TCS would use AI in its transformation approach to support long-term growth and improve customer experience.
“Technology transformation is a key strategic priority for M&S as we invest for growth,” said M&S operations director Sacha Berendji.
“Having the right suite of partners, with access to the latest developments in AI and digital expertise, is imperative. I am pleased we are extending our partnership with TCS, who will work alongside our in-house team as we accelerate our digital transformation.”
TCS consumer business group president Krishnan Ramanujam said: “M&S is a highly cherished and iconic British brand, that has always been at the forefront of retail innovation.
“We are proud of our long-standing partnership and delighted to be chosen to support its enterprise transformation. Our strong contextual knowledge of M&S’s business helped lead the digital wave for M&S.
“As M&S now accelerates its technology transformation we look forward to bringing our enterprise-scale AI capabilities, deep retail expertise, and engineering leadership to create sustained value, business agility, and a future-ready retail enterprise.”
A TCS spokesperson added: “As clarified by M&S and TCS in October 2025, the service desk contract followed a regular competitive RFP process initiated in January 2025, with M&S choosing to proceed with other partners well before the cyber incident in April 2025. The two matters were unrelated.”
In October, TCS said it had conducted a review of its networks and systems and “our conclusion is that the vulnerabilities have not originated from there”.
“TCS does not provide cybersecurity services to M&S,” it added at the time. “This is a service that is provided by another partner.”
The cyberattack forced M&S to suspend online delivery of clothing and homeware until June, caused initial availability issues in stores for food, and disabled rewards in the Sparks loyalty app until July.
M&S reported costs associated with the incident of £101.6m in the six months to the end of June. As a result, M&S generated profit before tax of £3.4m, down from £391.9m a year earlier.
No comments yet