Tata Consultancy Services (TCS) has firmly refuted a UK media report claiming that British retailer Marks & Spencer (M&S) terminated a $1 billion contract with the Indian IT major following cyberattack-related issues.
Dismissing the claims as “misleading,” TCS clarified that the contract’s conclusion was part of a regular tendering process, unrelated to any cyber incident, reported Moneycontrol.
In a statement to the stock exchanges late on Sunday, TCS addressed the report published by The Telegraph, titled “M&S ousts Indian outsourcer accused of £300m cyberattack failures.” The IT firm said the story was riddled with factual errors, including the alleged contract value and the nature of its ongoing business with M&S.
‘Contract Decision Made Before Cyber Incident’
TCS explained that the service desk contract mentioned in the report had undergone a competitive tender process that began in January 2025. The company said M&S opted to collaborate with other partners “much prior to the cyber incident in April 2025.” The IT firm emphasised that these developments were “clearly unrelated.”
The company also highlighted that the contract in question was a minor part of its broader engagement with M&S. “TCS continues to work on numerous other areas in its role as a strategic partner for M&S and is proud of this longstanding partnership,” the statement added.
TCS Clears Air on Cybersecurity Claims
Addressing concerns about the cyberattack, TCS said it had conducted a thorough investigation of its systems and networks, confirming that no vulnerabilities stemmed from its end. The company reiterated that it does not provide cybersecurity services to M&S, those responsibilities lie with another partner.
“TCS does not provide cyber security services to M&S. This is a service that is provided by another partner,” the company clarified.
The rebuttal came after The Telegraph claimed that M&S decided against renewing a $1 billion technology helpdesk deal with TCS following a cyberattack that reportedly caused losses of about £300 million to the retailer. Both M&S and TCS have since confirmed that the decision not to renew was taken before the breach and as part of standard business continuity practices.