Brutkey

Kevin Beaumont
@GossiTheDog@cyberplace.social

Another protest at Microsoft Build about their involvement in targeting Palestinians caused the head of AI security to accidentally share customer Teams chats https://www.theverge.com/news/671373/microsoft-ai-security-chief-walmart-conversation-build-protest-disruption

Kevin Beaumont
@GossiTheDog@cyberplace.social

Another Microsoft employee has interrupted Microsoft’s Build conference to protest against Microsoft’s involvement in targeting Palestinians https://www.theverge.com/news/670812/microsoft-build-protest-keynote-jay-parikh-palestinian-tech-worker

Kevin Beaumont
@GossiTheDog@cyberplace.social

I made this point a few weeks ago, but... outsourcing all your IT, Networks, Service Desk (helpdesk) and operational cybersecurity is a temporary cost saving and basically paints a ticking timebomb on the org, IMHO.

Kevin Beaumont
@GossiTheDog@cyberplace.social

TCS have been linked to the Marks and Spencer breach, at least in part.

https://www.reuters.com/business/retail-consumer/ms-slow-recovery-cyberattack-puts-it-risk-lasting-damage-2025-05-19/

Kevin Beaumont
@GossiTheDog@cyberplace.social

There's also a line in the article from a cyber industry person saying "if it can happen to M&S, it can happen to anyone" - it's ridiculous and defeatist given Marks and Spencer haven't shared any technical information about how it happened, other than to tell The Sunday Times it was "human error"

The Air Safety version of cyber industry would be a plane crashing into 14 other planes, and industry air safety people going "Gosh, if that can happen to British Airways it could happen to anybody!"

Kevin Beaumont
@GossiTheDog@cyberplace.social

Tomorrow it’s one month since Marks and Spencer started containment, it’s also their financial results day.

Online ordering still down, all recruitment stopped, Palo-Alto VPNs still offline.

Kevin Beaumont
@GossiTheDog@cyberplace.social

Another Microsoft employee has interrupted the CEO to protest against Microsoft's involvement in supplying AI technology targeting Palestinians https://www.theverge.com/news/669362/microsoft-employee-protest-build-conference-satya-nadella

Kevin Beaumont
@GossiTheDog@cyberplace.social

"Cyber analysts and retail executives said the company had been the victim of a ransomware attack, had refused to pay - following government advice - and was working to reinstall all of its computer systems."

Not sure who those analysts are, but since DragonForce haven't released any data and M&S won't comment other than to say they haven't had any "direct" contact with DragonForce, I wouldn't make that assumption.

https://www.reuters.com/business/retail-consumer/ms-slow-recovery-cyberattack-puts-it-risk-lasting-damage-2025-05-19/

Kevin Beaumont
@GossiTheDog@cyberplace.social

The Office of the Privacy Commissioner for Personal Data (PCPD) has confirmed that Marks and Spencer (M&S) Hong Kong has not informed it of a recent customer data leak, nor responded to its enquiries. https://hongkongfp.com/2025/05/19/ms-hong-kong-not-responding-to-privacy-commissioners-office-after-online-customer-data-breach/

Kevin Beaumont
@GossiTheDog@cyberplace.social

There's nothing to suggest TCS itself have a breach btw.

Basically, if you go for the lowest-cost helpdesk - you might want to follow the NCSC advice on authenticating password and MFA token resets.

I've put a 3-part deep-dive blog series coming out probably next week called Living-Off-The-Company, which is about how teenagers have realised large orgs have outsourced to MSPs who follow the same format of SOP documentation, use of cloud services etc. Orgs have introduced commonality to surf.

Kevin Beaumont
@GossiTheDog@cyberplace.social

M&S looks to be moving to reposition their incident as a third party failure, which I imagine will help redirect some of the blame (they present their financial results during the week to investors): https://www.bbc.co.uk/news/articles/cpqe213vw3po

Both M&S and Co-op outsourced their IT, including their Service Desk (helpdesk), to TCS (Tata) around 2018, as part of cost savings.
