M&S chair Archie Norman has publicly confirmed that the company believes that ransomware group DragonForce were responsible for its cyber attack.

Speaking to a parliamentary select committee today (8 July), Norman explained that “loosely aligned parties” had worked together on the cyber attack.

He noted: “We believe in this case there was the instigator of the attack and then, believed to be DragonForce, who were a ransomware operation based we believe in Asia.”

It comes as hacking group Scattered Spider has previously been named in the media for the cyber attack.

Norman highlighted: “When this happens you don’t know who the attacker is, and in fact they never send you a letter signed Scattered Spider, that doesn’t happen.”

The company chair also revealed that M&S was helped by the US FBI agent following its cyber attack.

Speaking to the cross-party business committee, Archie Norman explained that M&S “had an exchange with the FBI, who were very supportive” as they were “more muscled up in the zone”.

Additionally, M&S has been working with the UK’s National Crime Agency and the National Cyber Security Centre (NCSC) following the cyber attack.

The comments come as Norman was giving evidence following M&S’s cyber attack, which was first reported in April after shoppers were left unable to make contactless payments across UK stores over the Bank holiday weekend.

Co-op also faced the select committee with M&S, after being hit with a cyber attack during the same month, under a broader enquiry into the impact of cyber attacks on various businesses.

Norman urged the government to make reporting on “major” cyber attacks mandatory.

He said: “It is apparent to us that quite a large number of cyber attacks never get reported to the NCSC and we have reason to believe that two major cyber attacks in the last four months have gone unreported.

“We think that’s a big deficit in our knowledge as to what is happening.”

Click here to sign up to Retail Gazette‘s free daily email newsletter