What the M&S cyber attack taught us about Social Engineering?

M%S share price has dumped 12% in the last few weeks and they are losing £15m profit per week since the cyber attack.

The share price even fell 4.5% yesterday over news that the much loved ‘meal deal’ was unavailable!

The cause: Social Engineering.

But what is social engineering?

In this case the baddie phoned up the M&S IT help desk pretending to be an M&S employee and asked for a password reset.

The reset gave the baddie access to the M&S network and BOOM.

People are the weakest link, frequently exploited by bad actors.

The cost to M&S: loss of sales, fall in share price, loss of data, possibly fines for loss of data and damage to reputation.

M&S reputation is strong and will probably withstand this storm but the rest will cost.

Hopefully one or two businesses might be reviewing their security process for password resets today?