M&S confirmed that a sophisticated impersonation attack led to a ransomware breach of their network, attributed to the DragonForce ransomware operation. The attackers tricked a third-party IT support company into resetting an employee's password, allowing access to M&S systems, which resulted in data theft and system shutdowns. M&S has not disclosed whether a ransom was paid or not, citing public interest concerns.