---
title: "Layoffs Threaten Cybersecurity, M&S Data Breach, Hackers Nabbed Globally | DMARC Report"
description: "Layoffs Threaten Cybersecurity, M&S Data Breach, Hackers Nabbed Globally from DMARC Report explains practical steps for email authentication, domain."
image: "https://dmarcreport.com/og/blog/layoffs-threaten-cybersecurity-ms-data-breach-hackers-nabbed-globally.png"
canonical: "https://dmarcreport.com/blog/layoffs-threaten-cybersecurity-ms-data-breach-hackers-nabbed-globally/"
---
Quick Answer
\_According to the FBI's 2022 Internet Crime Report (IC3), 300,497 US-based victims reported phishing incidents in a single year, and Business Email Compromise (BEC) caused more than $2.7 billion in direct losses. DMARC Report Layoffs Threaten Cybersecurity, M&S Data Breach, Hackers Nabbed Globally
Related: [Free DMARC Checker](/tools/dmarc-checker/) ·[How to Create an SPF Record](/tools/spf-record-generator/) ·[SPF Record Format](/blog/spf-format-checker-dos-and-donts-for-email-authentication/)
Share
[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Flayoffs-threaten-cybersecurity-ms-data-breach-hackers-nabbed-globally%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Layoffs%20Threaten%20Cybersecurity%2C%20M%26S%20Data%20Breach%2C%20Hackers%20Nabbed%20Globally&url=undefined%2Fblog%2Flayoffs-threaten-cybersecurity-ms-data-breach-hackers-nabbed-globally%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Flayoffs-threaten-cybersecurity-ms-data-breach-hackers-nabbed-globally%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Flayoffs-threaten-cybersecurity-ms-data-breach-hackers-nabbed-globally%2F&title=Layoffs%20Threaten%20Cybersecurity%2C%20M%26S%20Data%20Breach%2C%20Hackers%20Nabbed%20Globally "Share on Reddit") [ ](mailto:?subject=Layoffs%20Threaten%20Cybersecurity%2C%20M%26S%20Data%20Breach%2C%20Hackers%20Nabbed%20Globally&body=Check out this article: undefined%2Fblog%2Flayoffs-threaten-cybersecurity-ms-data-breach-hackers-nabbed-globally%2F "Share via Email")
> From a product strategy perspective, DMARC reporting is evolving from a security tool to a business intelligence platform, says Brad Slavin, General Manager of DuoCircle. The data in aggregate reports tells you not just who’s spoofing you, but who’s sending legitimate email on your behalf - and whether they’re doing it correctly.
\_According to the [FBI’s 2022 Internet Crime Report (IC3)](https://www.ic3.gov/Media/PDF/AnnualReport/2022IC3Report.pdf), 300,497 US-based victims reported phishing incidents in a single year, and Business Email Compromise (BEC) caused more than $2.7 billion in direct losses. DMARC Report
Layoffs Threaten Cybersecurity, M&S Data Breach, Hackers Nabbed Globally
```
```
/
```
```
RSS Feed
```
Share
Link
Embed
```
/\*! This file is auto-generated \*/ ’ title=“Embed Code” class=“input-embed input-embed-25103” readonly/>
```
```
**It’s week 3 of May**, and we are happy to be back with our fresh dose of cybersecurity news. Meanwhile, we hope you have managed to safeguard yourself from the nasty, [malicious actors](https://cybernews.com/news/malicious-actors-leak-us-criminal-database/).
The world can change so much in just a week. So does the cybersecurity landscape! This week, we will talk about the \*\*latest cybersecurity threat looming large in the US, thanks to their mass summer layoff plans!. _Also, we will focus on Marks & Spencer’s recent experience of a cyberattack. Lastly, we will focus on the latest incident where 4 hackers got arrested in a global botness business_.
Let’s dive deep into the details!
## Mass layoffs may lead to cybersecurity concerns in the US!
America is bracing for mass summer layoffs. Microsoft just announced its recent layoff incident of a mind-boggling [6K ](https://www.cnbc.com/2025/05/13/microsoft-is-cutting-3percent-of-workers-across-the-software-company.html)employees. As per a [report](https://www.bloomberg.com/news/articles/2025-05-14/microsoft-layoffs-hit-software-engineers-as-industry-touts-ai-savings), most layoffs are happening to coders, as companies are using **AI to save money**. Even [CrowdStrike](https://www.cybersecuritydive.com/news/insured-losses-crowdstrike-1-billion/723315/) is doing this now.
As of 2025, DMARC is mandatory under multiple compliance frameworks. [CISA BOD 18-01](https://www.cisa.gov/news-events/directives/bod-18-01) requires p=reject for US federal domains. [PCI DSS v4.0](https://www.pcisecuritystandards.org/) mandates DMARC for organizations processing payment card data as of March 2025\. Google and Yahoo require DMARC for bulk senders (5,000+ messages/day) since February 2024, and [Microsoft began rejecting](https://learn.microsoft.com/en-us/defender-office-365/email-authentication-dmarc-configure) non-compliant email in May 2025\. The UK [NCSC](https://www.ncsc.gov.uk/collection/email-security-and-anti-spoofing), Australia’s [ASD](https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/ism/cyber-security-guidelines/guidelines-email), and Canada’s [CCCS](https://www.cyber.gc.ca/en/guidance/implementation-guidance-email-domain-protection) all mandate DMARC for government domains. Cyber insurers increasingly require DMARC enforcement as an underwriting condition.
But experts believe that such layoffs can actually lead to [potential data theft](https://www.ibm.com/think/news/national-public-data-breach-publishes-private-data-billions-us-citizens) and increased [breach costs](https://www.csoonline.com/article/3616501/63-of-companies-plan-to-pass-data-breach-costs-to-customers.html). Around [80% ](https://www.mimecast.com/resources/white-papers/annual-data-exposure-report-2024/)of employees, while leaving their job, take along priceless intellectual property. This is especially true in uncertain times, such as sudden layoffs. T\_hese are times of rapid transitions, which may lead to mismanagement of confidential company data\_. The chaos around can further add to difficulties in threat detection and damage mitigation.
Experts believe that the \*\*average expense of such an insider threat may go as high as [$15](https://www.darkreading.com/cyber-risk/infosec-layoffs-arent-bargain-boards-may-think) million.
Experts also throw light on the fact that the existing cyber professionals are on the verge of burnout. Also, sudden layoffs can give [unauthorized access](https://www.reuters.com/business/media-telecom/us-committee-slaps-60-million-fine-t-mobile-over-unauthorized-data-access-2024-08-14/) to unwanted people, because of a lack of **ample monitoring systems**. _Meanwhile, cyberattackers are getting quite good at finding all these loopholes and gaps across organisations_.
Experts warn organizations against the bigger threat of high-intensity [cyberattacks](https://www.aljazeera.com/news/2025/4/15/china-accuses-us-of-launching-cyberattacks-during-asian-winter-games) that can take place at any moment because of mass layoffs.
## Marks & Spencer customer data stolen in cyberattack incident
Renowned UK-based retailer, Marks & Spencer, was attacked by [threat actors](https://cybersecuritynews.com/threat-actors-targeting-local-communities-in-the-u-s/) last month. While reporting about the incident to the authorities, they said that customer data was not compromised in the [cyber mishap](https://thehackernews.com/2024/07/cybercriminals-exploit-crowdstrike.html). And that they were compelled to make a couple of “minor, temporary changes” to their day-to-day operations . Then they halted the online orders as part of their **recovery system**.
However, now Marks & Spencer has revealed that [customer data](https://www.reuters.com/business/retail-consumer/uks-ms-says-customer-information-was-taken-cyber-attack-2025-05-13/) such as telephone numbers, dates of birth, residential addresses, etc. have been affected and compromised by the cyberattack.
\*\*Marks & Spencer updated on the [London Stock Exchange](https://www.independent.co.uk/news/business/pawnbroker-h-t-snapped-up-by-us-firm-in-another-loss-for-london-stock-exchange-b2750718.html) website that its customers do not have to take any action. Also, they stated that in case the situation worsens, they will inform the customers at the earliest. _Just for maintaining mental sanity, customers can change their passwords, for which they will be prompted the next time they log into their M&S profile_.
Marks & Spencer believes that the \*\*compromised data does not include any type of card details or payment information. However, the customers are still at risk as their [personal data](https://www.nytimes.com/2024/12/14/us/cyberattack-rhode-island-ribridges-snap-medicaid.html) has been compromised, and they may receive suspicious messages, emails, and even calls from threat actors.
Implementing [DMARC](https://dmarcreport.com/), [DKIM](https://dmarcreport.com/what-is-dkim/), and [SPF](https://autospf.com/blog/spf-guide-understanding-sender-policy-framework/) protocols is crucial for organizations to protect against [email-based attacks](https://www.reinsurancene.ws/ransomware-costs-ease-but-email-based-attacks-dominate-coalition-reports/) and safeguard [sensitive data](https://www.usnews.com/news/politics/articles/2025-04-07/musks-doge-team-can-access-government-data-for-now-appeals-court-rules).
[DragonForce](https://www.infosecurity-magazine.com/news/6tb-data-stolen-saudi-cyber-attack/), a [RaaS group](https://www.ibm.com/think/news/research-finds-56-percent-increase-active-ransomware-groups), has claimed responsibility for the Marks & Spencer attack. Besides M&S, it has also targeted two more UK retailers, [Co-Op and Harrods](https://www.bbc.com/news/articles/cwy382w9eglo).
## 4 hackers nabbed in relation to a global botnet business
In a recent turn of events, 4 hackers have been nabbed and charged for operating a massive botnet scheme. So far, it has generated a whopping \*\*$46 million by manipulating internet routers across the globe.
Allegedly, the accused hackers used to infect old models of \*\*wireless routers with malware (Anyproxy and 5socks). This malware was used to reconfigure the infected routers without the user’s knowledge. The same [infected devices](https://www.heise.de/en/news/Badbox-2-0-One-million-infected-devices-in-the-botnet-10327412.html) were then sold on their respective official websites as [proxy services](https://thehackernews.com/2025/05/breaking-7000-device-proxy-botnet-using.html). They offer anonymity to clients who are involved in \*\*multiple illicit activities online.
_The 5socks platform has been up and running since 2004\. The subscription feed ranges between $9.95 and $110 every month_.
The \*\*FBI has been working closely with other authorities and law enforcement partners, and has managed to seize all the associated domains. Together, they have successfully dismantled the entire [botnet’s infrastructure](https://www.csoonline.com/article/3604173/volt-typhoon-returns-with-fresh-botnet-attacks-on-critical-us-infrastructure.html).
Authorities are still running a full-fledged investigation to dig deeper into the matter and find out more details about the complete extent of the botnet’s activities as well as its impact on the global [cybersecurity](https://dmarcreport.com/blog/major-cybersecurity-trends-that-will-reign-in-2024/) system.The arrest and associated \*\*revelations serve as a stark reminder of the persistent threat of attacks, penetrating at multiple levels in our personal and professional lives.
## Sources
- [CISA Binding Operational Directive 18-01](https://www.cisa.gov/news-events/directives/bod-18-01)
- [Microsoft Outlook DMARC Enforcement May 2025](https://learn.microsoft.com/en-us/defender-office-365/email-authentication-dmarc-configure) (2025)
- [PCI DSS v4.0 - DMARC Requirement](https://www.pcisecuritystandards.org/) (2025)
## Topics
[ dkim ](/tags/dkim/)[ DMARC ](/tags/dmarc/)[ News ](/tags/news/)[ SPF ](/tags/spf/)
[ Vasile Diaconu ](/authors/vasile-diaconu/)
Operations Lead
Operations Lead at DuoCircle. Runs project management, developer coordination, and technical support execution for DMARC Report.
[LinkedIn Profile →](https://www.linkedin.com/in/vasile-diaconu/)
## Take control of your DMARC reports
Turn raw XML into actionable dashboards. Start free - no credit card required.
[Start Free Trial](https://app.dmarcreport.com/) [Check Your DMARC Record](/tools/dmarc-checker/)
## Related Articles
[ Foundational 4m Adidas Data Breach, Whatsapp Image Threat, Silent Ransom Vishing May 29, 2025 ](/blog/adidas-data-breach-whatsapp-image-threat-silent-ransom-vishing/)[ Foundational 4m Africa Fights Cybercrime, Attention Farmers Customers, Apple Prevents Threats Aug 28, 2025 ](/blog/africa-fights-cybercrime-attention-farmers-customers-apple-prevents-threats/)[ Foundational 4m AI Scam Alert, Federal Cuts Vulnerability, American Tire Cyberattack Sep 9, 2025 ](/blog/ai-scam-alert-federal-cuts-vulnerability-american-tire-cyberattack/)[ Foundational 4m Akira flaunts victims, Idaho targets orthodontist, AI granny protects Nov 22, 2024 ](/blog/akira-flaunts-victims-idaho-targets-orthodontist-ai-granny-protects/)
```json
{"@context":"https://schema.org","@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]}
```
```json
{"@context":"https://schema.org","@type":"WebSite","name":"DMARC Report","url":"https://dmarcreport.com","description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","publisher":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```
```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"Layoffs Threaten Cybersecurity, M&S Data Breach, Hackers Nabbed Globally","description":"Layoffs Threaten Cybersecurity, M&S Data Breach, Hackers Nabbed Globally from DMARC Report explains practical steps for email authentication, domain.","url":"https://dmarcreport.com/blog/layoffs-threaten-cybersecurity-ms-data-breach-hackers-nabbed-globally/","datePublished":"2025-05-16T09:10:29.000Z","dateModified":"2026-04-16T15:53:43.000Z","dateCreated":"2025-05-16T09:10:29.000Z","author":{"@type":"Person","@id":"https://dmarcreport.com/authors/vasile-diaconu/#person","name":"Vasile Diaconu","url":"https://dmarcreport.com/authors/vasile-diaconu/","jobTitle":"Operations Lead","description":"Vasile Diaconu is the Operations Lead at DuoCircle, the company behind DMARC Report and AutoSPF. He coordinates between engineering, product, and technical support - running project management, interfacing with developers on customer-reported issues, and making sure work that comes in through the support channel actually gets closed out. Vasile sits at the intersection of customer feedback and engineering execution, giving him a direct view of which email authentication problems customers hit most often in production.","image":"https://media.mailhop.org/dmarcreport/images/team/vasile-diaconu.jpg","knowsAbout":["SaaS Operations","Technical Support Coordination","Customer Issue Resolution","Engineering Program Management","Deployment Operations"],"worksFor":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com"},"sameAs":["https://www.linkedin.com/in/vasile-diaconu/"]},"publisher":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://dmarcreport.com/blog/layoffs-threaten-cybersecurity-ms-data-breach-hackers-nabbed-globally/"},"articleSection":"foundational","keywords":"dkim, DMARC, News, SPF","wordCount":1095,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/dmarcreport/images/2022/04/dmarc-alignment-6379.jpg","caption":"Layoffs Threaten Cybersecurity, M&S Data Breach, Hackers Nabbed Globally","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}]
```
```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://dmarcreport.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://dmarcreport.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://dmarcreport.com/foundational/"},{"@type":"ListItem","position":4,"name":"Layoffs Threaten Cybersecurity, M&S Data Breach, Hackers Nabbed Globally","item":"https://dmarcreport.com/blog/layoffs-threaten-cybersecurity-ms-data-breach-hackers-nabbed-globally/"}]}
```