Connect with us

Published

on

The chairman of Marks & Spencer has told MPs the company is “still in the rebuild mode” and will be for “some time to come” following a cyber attack which led to empty shelves and limited online operations for months.

Speaking publicly for the first time since the attack, Archie Norman declined to answer whether the business had paid a ransom.

“It’s a business decision, it’s a principal decision,” he told members of the Business and Trade Committee (BTC).

“The question you have to ask is – and I think all businesses should ask – is, when they look at the demand, what are they getting for it?

“Because once your systems are compromised and you’re going to have to rebuild anyway, maybe they’ve got exfiltrated data that you don’t want to publish. Maybe there’s something there, but in our case, substantially the damage had been done.”

Money blog: 10 happiest and unhappiest professions for shift workers

When asked again later in the BTC evidence session, Mr Norman said, “We’re not discussing any of the details of our interaction with the threat actor, including this subject, but that subject is fully shared with the NCA [National Crime Agency].”

“We don’t think it’s in the public interest to go into that subject on it, because it is a matter of law enforcement”, he added.

What happened?

The initial entry into M&S’s systems took place on 17 April through “sophisticated impersonation” that involved a third party, Mr Norman said.

It was two days later, on Easter Saturday, before the company became aware of the attack, and approximately a week after the intrusion, before the retailer heard directly from the attacker.

Please use Chrome browser for a more accessible video player

Who is behind M&S cyberattack?

A day later, after learning of the attack, the authorities were notified, while customers were told on Tuesday, MPs heard.

As well as British authorities, the US FBI was contacted, who are “more muscled up in this zone” and were “very supportive”, Mr Norman said.

By the time the breach is clear, systems have already been compromised, the chairman said.

The group behind the attack may have been Scattered Spider, some of whom are believed to be English-speaking teenagers, but Mr Norman said M&S made an early decision that no one from the company would deal directly with the so-called “threat actor”.

“Anybody who’s suffered an event like ours, it would be foolish to say there’s not a thousand things you’d like to have done differently,” he added.

Advice for businesses

In a warning to other businesses, M&S’s general counsel and company secretary Nick Folland said firms should be prepared to operate without IT systems.

“One of the things that we would say to others is make sure you can run your business on pen and paper,” he said.

Awareness and planning for the threats of cybersecurity meant M&S had trebled the number of people working on cybersecurity to 80and doubled its expenditure.

“We curiously doubled our insurance cover last year”, Mr Norman added.

In a good position

The business was better positioned to deal with the strike than at the start of Mr Norman’s tenure, he said.

“The context of M&S is when I joined the business, it was a very broken business… our systems were in a pretty decrepit state.”

“So I have to say if this has happened then I think we would have been kippered.”

Read more:
UK to miss deadline to agree steel and aluminium tariffs
Flavour of what’s to come as first Post Office inquiry lays bare heart-breaking legacy

Recent profits meant the company was “muscled up”.

“Extensive” insurance cover means M&S expects to make an “unsurprisingly significant claim” and receive “substantial recovery”, though the process of finding out how much will take about 18 months.

The £300m sum M&S said it expected to lose as a result of the cyber attack does not include money it expects to claim via insurance. The financial hit was calculated at £300m as the chain department store was losing £10m a week by not operating online.

The incident has “not really” affected its future, Mr Norman said.

Continue Reading

Business

UK’s biggest housebuilders to pay record sum after CMA investigation into sensitive information-sharing

Published

on

By

UK's biggest housebuilders to pay record sum after CMA investigation into sensitive information-sharing

The UK’s biggest housebuilders are set to pay a record sum to fund affordable housing after the competition regulator investigated sensitive information sharing among the firms.

A total of £100m, paid for by seven companies, will go to affordable housing programmes across England, Scotland, Wales and Northern Ireland, following a Competition and Markets Authority (CMA) investigation.

The inquiry was launched last year due to concerns that the companies were sharing commercially sensitive information, which could influence the prices of new homes.

There was concern that the housebuilders – Barratt Redrow, Bellway, Berkeley Group, Bloor Homes, Persimmon, Taylor Wimpey and Vistry – exchanged details about property sales, including pricing, viewing numbers and buyer incentives such as upgraded kitchens or stamp duty contributions.

Money blog: Another supermarket trials self-checkout ‘VAR’

It’s resulted in an agreement to make the combined £100m payment – the largest secured via a commitment from companies under CMA investigation. Hundreds of new homes could be funded with the money, the CMA said, helping low-income households, first-time buyers and vulnerable people.

The businesses have voluntarily agreed to pay the sum and have not acknowledged wrongdoing. No finding of rule-breaking or illegality has been made.

More on Cma

What next?

They have also offered to sign up to legally binding commitments to prevent anticompetitive behaviour.

Among the proposals advanced by the companies was an agreement not to share some information, like prices houses were sold for, with other housebuilders, except in limited circumstances, and to work with the Home Builders Federation and Homes for Scotland to develop industry-wide guidance on information sharing.

Read more:
UK to miss deadline to agree steel and aluminium tariffs
M&S boss reveals new details about cyber attack on company

The CMA has said it will consult on the changes.

If accepted, the commitments will become legally binding, and the CMA will not need to decide whether the housebuilders broke competition law.

Initially, eight companies were under investigation, but following a merger of Barratt Homes and Redrow, the number became seven.

“Housing is a critical sector for the UK economy and housing costs are a substantial part of people’s monthly spend, so it’s essential that competition works well. This keeps prices as low as possible and increases choice,” the CMA chief executive, Sarah Cardell, said.

Continue Reading

Business

At least 13 people may have taken their own lives linked to Post Office scandal, public inquiry finds

Published

on

By

At least 13 people may have taken their own lives linked to Post Office scandal, public inquiry finds

At least 13 people may have taken their own lives after being accused of wrongdoing based on evidence from the Horizon IT system that the Post Office and developers Fujitsu knew could be false, the public inquiry has found.

A further 59 people told the inquiry they considered ending their lives, 10 of whom tried on at least one occasion, while other postmasters and family members recount suffering from alcoholism and mental health disorders including anorexia and depression, family breakup, divorce, bankruptcy and personal abuse.

Follow latest on public inquiry into Post Office scandal

Writing in the first volume of the Post Office Horizon IT Inquiry report, chairman Sir Wyn Williams concludes that this enormous personal toll came despite senior employees at the Post Office knowing the Horizon IT system could produce accounts “which were illusory rather than real” even before it was rolled out to branches.

Sir Wyn said: “I am satisfied from the evidence that I have heard that a number of senior, and not so senior, employees of the Post Office knew or, at the very least, should have known that Legacy Horizon was capable of error… Yet, for all practical purposes, throughout the lifetime of Legacy Horizon, the Post Office maintained the fiction that its data was always accurate.”

Referring to the updated version of Horizon, known as Horizon Online, which also had “bugs errors and defects” that could create illusory accounts, he said: “I am satisfied that a number of employees of Fujitsu and the Post Office knew that this was so.”

The first volume of the report focuses on what Sir Wyn calls the “disastrous” impact of false accusations made against at least 1,000 postmasters, and the various redress schemes the Post Office and government has established since miscarriages of justice were identified and proven.

Please use Chrome browser for a more accessible video player

‘It stole a lot from me’

Recommendations regarding the conduct of senior management of the Post Office, Fujitsu and ministers will come in a subsequent report, but Sir Wyn is clear that unjust and flawed prosecutions were knowingly pursued.

“All of these people are properly to be regarded as victims of wholly unacceptable behaviour perpetrated by a number of individuals employed by and/or associated with the Post Office and Fujitsu from time to time and by the Post Office and Fujitsu as institutions,” he says.

What are the inquiry’s recommendations?

Calling for urgent action from government and the Post Office to ensure “full and fair compensation”, he makes 19 recommendations including:

• Government and the Post Office to agree a definition of “full and fair” compensation to be used when agreeing payouts
• Ending “unnecessarily adversarial attitude” to initial offers that have depressed the value of payouts, ⁠and ensuring consistency across all four compensation schemes
• The creation of a standing body to administer financial redress to people wronged by public bodies
• Compensation to be extended to close family members of those affected who have suffered “serious negative consequences”
• The Post Office, Fujitsu and government agreeing a programme for “restorative justice”, a process that brings together those that have suffered harm with those that have caused it

Regarding the human impact of the Post Office’s pursuit of postmasters, including its use of unique powers of prosecution, Sir Wyn writes: “I do not think it is easy to exaggerate the trauma which persons are likely to suffer when they are the subject of criminal investigation, prosecution, conviction and sentence.”

He says that even the process of being interviewed under caution by Post Office investigators “will have been troubling at best and harrowing at worst”.

Read more:
Post Office inquiry lays bare heart-breaking legacy – analysis

‘Hostile and abusive behaviour’

The report finds that those wrongfully convicted were “subject to hostile and abusive behaviour” in their local communities, felt shame and embarrassment, with some feeling forced to move.

Detailing the impact on close family members of those prosecuted, Sir Wyn writes: “Wives, husbands, children and parents endured very significant suffering in the form of distress, worry and disruption to home life, in employment and education.

“In a number of cases, relationships with spouses broke down and ended in divorce or separation.

“In the most egregious cases, family members themselves suffered psychiatric illnesses or psychological problems and very significant financial losses… their suffering has been acute.”

The report includes 17 case studies of those affected by the scandal including some who have never spoken publicly before. They include Millie Castleton, daughter of Lee Castleton, one of the first postmasters prosecuted.

Please use Chrome browser for a more accessible video player

Three things you need to know about Post Office report

She told the inquiry how her family being “branded thieves and liars” affected her mental health, and contributed to a diagnosis of anorexia that forced her to drop out of university.

Her account concludes: “Even now as I go into my career, I still find it so incredibly hard to trust anyone, even subconsciously. I sabotage myself by not asking for help with anything.

“I’m trying hard to break this cycle but I’m 26 and am very conscious that I may never be able to fully commit to natural trust. But my family is still fighting. I’m still fighting, as are many hundreds involved in the Post Office trial.”

Business Secretary Jonathan Reynolds said the inquiry’s report “marks an important milestone for sub-postmasters and their families”.

He added that he was “committed to ensuring wronged sub-postmasters are given full, fair, and prompt redress”.

“The recommendations contained in Sir Wyn’s report require careful reflection, including on further action to complete the redress schemes,” Mr Reynolds said.

“Government will promptly respond to the recommendations in full in parliament.”

Continue Reading

Business

Public finances in ‘relatively vulnerable position.’, OBR warns

Published

on

By

Public finances in 'relatively vulnerable position.', OBR warns

The UK’s public finances are in a “relatively vulnerable position”, the government’s official forecaster has warned.

The Office for Budget Responsibility (OBR) cited a drag from successive economic shocks, recent U-turns on spending cuts and higher-than-expected policy commitments.

It sounded alarm over the projected path for debt as a result, in its annual fiscal risks and sustainability report.

It saw total debt above 270% of gross domestic product (GDP) by the early 2070s – up from a current level of 96.5% – declaring that rising debts have led to “a substantial erosion of the UK’s capacity to respond to future shocks”.

Money latest: Amazon launches 24/7 grocery deliveries

The OBR’s report highlighted damage from the COVID pandemic and cost of living crisis that followed Russia’s invasion of Ukraine.

But it raised fears that past and current government policies were further harming the sustainability of the public finances.

More from Money

The report said that the pension triple lock, for example, was now estimated to cost £15.5bn annually by 2029-30.

That was “around three times higher than initial expectations”, it said.

The lock, which rises each year in line with inflation, wage growth or 2.5% – whichever is higher – had risen by more than the 2.5% base in eight of the 13 years of operation to date, the report stated.

The watchdog said it reflected more volatile inflation than expected.

It also picked up on the latest government U-turns over planned welfare and winter fuel payment cuts in the face of rebellions by Labour MPs.

Please use Chrome browser for a more accessible video player

Welfare U-turn ‘has come at cost’

The decisions are expected to leave Chancellor Rachel Reeves facing a black hole of £6.75bn while weaker-than-expected economic growth could add a further £9bn to that sum in the run-up to the autumn budget, according to Sky News projections that see a void of around £20bn.

The OBR highlighted future risks from rising defence spending and the impact of climate change.

Public sector pay demands could also prove a drag, with resident doctors voting in favour of strikes over pay.

While ministers acknowledge damage to the public purse from the U-turns, Ms Reeves has repeatedly ruled out a new wave of borrowing to fund a spending spree.

Please use Chrome browser for a more accessible video player

Could the rich be taxed to fill black hole?

As such, the government has not ruled out the prospect of some form of wealth tax to help meet its commitments despite the top 1% of earners contributing almost a third of all income tax already – on top of other targeted taxes such as capital gains.

The report said: “Efforts to put the UK’s public finances on a more sustainable footing have met with only limited and temporary success in recent years in the aftermath of the shocks, debt has also continued to rise and borrowing remained elevated because governments have reversed plans to consolidate the public finances.

“Planned tax rises have been reversed, and, more significantly, planned spending reductions have been abandoned.”

Shadow chancellor Mel Stride said of the report: “The OBR’s report lays bare the damage: Britain now has the third-highest deficit and the fourth-highest debt burden in Europe, with borrowing costs among the highest in the developed world.

“Under Rachel Reeves’ economic mismanagement and Keir Starmer’s weak leadership, our public finances have become dangerously exposed – vulnerable to future shocks, welfare spending rising unsustainably, taxes rising to record highs and crippling levels of debt interest.

“Labour’s recklessness risks it all – your pension, your job, your home, your savings.”

A Number 10 spokesman said: “We recognise the realities set out in the OBR’s report and we’re taking the decisions needed to provide stability to the public finances.”

Continue Reading

Trending