According to the Financial Times, British retailer Marks & Spencer (M&S) has terminated its agreement with Tata Consultancy Services (TCS) to run its IT service desk. However, both businesses maintain that the termination has nothing to do with a hack that occurred earlier this year. The decision ends a more than ten-year collaboration in which TCS oversaw a number of M&S’s technological operations. According to M&S, months before the hacking incident, in January 2025, a competitive procurement process was started, and the service desk contract was terminated in July.
In a statement quoted by the Financial Times, the retailer stated that M&S valued its collaboration with the TCS team and that TCS offers a variety of IT and technology services to the company. As is customary, M&S conducted a comprehensive process, trained a new supplier, and tested the market to find the best product available. M&S’ larger TCS connection is unaffected by this change, the company stated.
Speculations Still Signaling Towards Cyber Attack
According to prior reports, the contract’s termination was related to the April 2025 cyberattack that forced M&S to stop accepting online purchases and left numerous locations with empty shelves. According to British media, the attack may have reduced operating profits by as much as £300 million. TCS, however, denied rumours that it had anything to do with the hack.
Prior to the April cyber incident, the retailer had selected a different service provider through a standard competitive procurement procedure that had been started in January. The Indian IT company declared that the two issues were obviously unrelated. TCS clarified that the IT service desk contract was really a minor portion of its total relationship with M&S, calling reports that connected the two situations “misleading”.
The business still offers the retailer a number of technological and digital transformation services. TCS assured UK legislators in a statement that there was no proof of compromise throughout its client networks, which included M&S, Jaguar Land Rover, and other significant UK-based clients. TCS claimed that its systems were safe and that it provides services to over 200 clients in the UK who work in vital sectors like nuclear energy, water, and finance.
M&S’ Terms Attack as Sophisticated Impersonation
M&S Chair Archie Norman testified before the House of Commons Business and Trade Committee, characterising the April attack on M&S as a “sophisticated impersonation” effort directed at a third-party vendor. Since then, the store has strengthened its incident response and cybersecurity procedures.
One of India’s biggest exporters of technology services and a long-standing IT partner for numerous international retailers is TCS, a division of Tata Sons. Analysts believe the story underscores increased scrutiny on outsourced IT providers in the wake of high-profile cyber attacks in the banking and retail sectors, even though the company’s explanation seems to have allayed worries about its involvement in the M&S breach.
In order to prevent operational interruptions from undermining trust in digital transformation partnerships, industry experts anticipate that both firms will increase due diligence and openness in their supplier networks as cybersecurity constraints increase.
|
Quick Shots |
|
•M&S has ended its IT service desk contract with TCS, •M&S stated the move followed a competitive procurement •Reports linked the contract exit to the April 2025 hack that •TCS refuted any involvement in the breach, calling such reports |
Leave a Reply