The company emailed customers "To give you extra peace of mind, next time you visit or login to your M&S.com account on our website or app, you will also be prompted to reset your password."
I guess the company judges the IQ of its average customer is so low as to find that reassuring.
"There is no evidence that this data has been shared.” said the company.
Possibly true is "we found no evidence that...:
The company emailed customers "To give you extra peace of mind, next time you visit or login to your M&S.com account on our website or app, you will also be prompted to reset your password."
I guess the company judges the IQ of its average customer is so low as to find that reassuring.
Did they take 3 weeks to discover the breach? Or three weeks to reveal it?