The Breach
Retail giant Marks & Spencer (M&S) is facing a potential £300 million legal claim after a data breach exposed personal information of over 1,000 customers including names, birthdates, and contact details.
No passwords or financial data were stolen.
But that didn’t matter.
The legal tide is turning
This case signals a shift: companies are now being treated as guilty until proven secure.
Lawyers argue that unless M&S can prove they met industry-standard cybersecurity measures, they’ll be held legally responsible, even though the breach reportedly resulted from human error.
“We are reaching a point where claiming ‘human mistake’ is no longer an acceptable excuse.”
This reflects a broader trend: personal data is just as protected (and just as valuable to criminals) as payment data. Identity theft, phishing, and impersonation are real-world consequences — and courts are catching up.
What this means for you
If your business handles any kind of customer or employee data, this precedent should raise red flags. A mistake by one staff member, one email click, or one misconfigured setting can now lead to massive reputational and legal consequences.
And unless you can demonstrate you took reasonable steps to prevent it — through training, controls, and monitoring — the liability may fall squarely on your business.
How Republic helps
Republic, Recyber’s human-first cybersecurity platform, was built for exactly this moment.
We don’t just train your people. We track risk over time, document improvements, and help build the kind of evidence of due diligence that may soon become your first legal defense.
With Republic, you can:
-
Spot risky behavior early
-
Deliver just-in-time training
-
Build an audit trail of security efforts
-
Reduce exposure to legal claims tied to “human error”
The bottom line
The old playbook – “we didn’t lose passwords” or “it was just a mistake”- doesn’t cut it anymore.
If your staff can access sensitive data, they’re part of your security perimeter. It’s your responsibility to show you equipped them to protect it.
Republic helps you prove it.
Want to see how it works?
Republic Free Trial
Improve cybersecurity behaviours and reduce cyber risk across your organisation. Republic delivers real-time insights and targeted interventions to strengthen security culture and keep your team protected.
Pricing: £199 per month for organisations with under 100 users.
For organisations over 100, please contact the sales team using the form below.
Learn More
#gform_wrapper_3[data-form-index=”0″].gform-theme,[data-parent-form=”3_0″]{–gf-color-primary: #204ce5;–gf-color-primary-rgb: 32, 76, 229;–gf-color-primary-contrast: #fff;–gf-color-primary-contrast-rgb: 255, 255, 255;–gf-color-primary-darker: #001AB3;–gf-color-primary-lighter: #527EFF;–gf-color-secondary: #fff;–gf-color-secondary-rgb: 255, 255, 255;–gf-color-secondary-contrast: #112337;–gf-color-secondary-contrast-rgb: 17, 35, 55;–gf-color-secondary-darker: #F5F5F5;–gf-color-secondary-lighter: #FFFFFF;–gf-color-out-ctrl-light: rgba(17, 35, 55, 0.1);–gf-color-out-ctrl-light-rgb: 17, 35, 55;–gf-color-out-ctrl-light-darker: rgba(104, 110, 119, 0.35);–gf-color-out-ctrl-light-lighter: #F5F5F5;–gf-color-out-ctrl-dark: #585e6a;–gf-color-out-ctrl-dark-rgb: 88, 94, 106;–gf-color-out-ctrl-dark-darker: #112337;–gf-color-out-ctrl-dark-lighter: rgba(17, 35, 55, 0.65);–gf-color-in-ctrl: #fff;–gf-color-in-ctrl-rgb: 255, 255, 255;–gf-color-in-ctrl-contrast: #112337;–gf-color-in-ctrl-contrast-rgb: 17, 35, 55;–gf-color-in-ctrl-darker: #F5F5F5;–gf-color-in-ctrl-lighter: #FFFFFF;–gf-color-in-ctrl-primary: #204ce5;–gf-color-in-ctrl-primary-rgb: 32, 76, 229;–gf-color-in-ctrl-primary-contrast: #fff;–gf-color-in-ctrl-primary-contrast-rgb: 255, 255, 255;–gf-color-in-ctrl-primary-darker: #001AB3;–gf-color-in-ctrl-primary-lighter: #527EFF;–gf-color-in-ctrl-light: rgba(17, 35, 55, 0.1);–gf-color-in-ctrl-light-rgb: 17, 35, 55;–gf-color-in-ctrl-light-darker: rgba(104, 110, 119, 0.35);–gf-color-in-ctrl-light-lighter: #F5F5F5;–gf-color-in-ctrl-dark: #585e6a;–gf-color-in-ctrl-dark-rgb: 88, 94, 106;–gf-color-in-ctrl-dark-darker: #112337;–gf-color-in-ctrl-dark-lighter: rgba(17, 35, 55, 0.65);–gf-radius: 3px;–gf-font-size-secondary: 14px;–gf-font-size-tertiary: 13px;–gf-icon-ctrl-number: url(“data:image/svg+xml,%3Csvg width=’8′ height=’14’ viewBox=’0 0 8 14′ fill=’none’ xmlns=’http://www.w3.org/2000/svg’%3E%3Cpath fill-rule=’evenodd’ clip-rule=’evenodd’ d=’M4 0C4.26522 5.96046e-08 4.51957 0.105357 4.70711 0.292893L7.70711 3.29289C8.09763 3.68342 8.09763 4.31658 7.70711 4.70711C7.31658 5.09763 6.68342 5.09763 6.29289 4.70711L4 2.41421L1.70711 4.70711C1.31658 5.09763 0.683417 5.09763 0.292893 4.70711C-0.0976311 4.31658 -0.097631 3.68342 0.292893 3.29289L3.29289 0.292893C3.48043 0.105357 3.73478 0 4 0ZM0.292893 9.29289C0.683417 8.90237 1.31658 8.90237 1.70711 9.29289L4 11.5858L6.29289 9.29289C6.68342 8.90237 7.31658 8.90237 7.70711 9.29289C8.09763 9.68342 8.09763 10.3166 7.70711 10.7071L4.70711 13.7071C4.31658 14.0976 3.68342 14.0976 3.29289 13.7071L0.292893 10.7071C-0.0976311 10.3166 -0.0976311 9.68342 0.292893 9.29289Z’ fill=’rgba(17, 35, 55, 0.65)’/%3E%3C/svg%3E”);–gf-icon-ctrl-select: url(“data:image/svg+xml,%3Csvg width=’10’ height=’6′ viewBox=’0 0 10 6′ fill=’none’ xmlns=’http://www.w3.org/2000/svg’%3E%3Cpath fill-rule=’evenodd’ clip-rule=’evenodd’ d=’M0.292893 0.292893C0.683417 -0.097631 1.31658 -0.097631 1.70711 0.292893L5 3.58579L8.29289 0.292893C8.68342 -0.0976311 9.31658 -0.0976311 9.70711 0.292893C10.0976 0.683417 10.0976 1.31658 9.70711 1.70711L5.70711 5.70711C5.31658 6.09763 4.68342 6.09763 4.29289 5.70711L0.292893 1.70711C-0.0976311 1.31658 -0.0976311 0.683418 0.292893 0.292893Z’ fill=’rgba(17, 35, 55, 0.65)’/%3E%3C/svg%3E”);–gf-icon-ctrl-search: url(“data:image/svg+xml,%3Csvg version=’1.1′ xmlns=’http://www.w3.org/2000/svg’ width=’640′ height=’640’%3E%3Cpath d=’M256 128c-70.692 0-128 57.308-128 128 0 70.691 57.308 128 128 128 70.691 0 128-57.309 128-128 0-70.692-57.309-128-128-128zM64 256c0-106.039 85.961-192 192-192s192 85.961 192 192c0 41.466-13.146 79.863-35.498 111.248l154.125 154.125c12.496 12.496 12.496 32.758 0 45.254s-32.758 12.496-45.254 0L367.248 412.502C335.862 434.854 297.467 448 256 448c-106.039 0-192-85.962-192-192z’ fill=’rgba(17, 35, 55, 0.65)’/%3E%3C/svg%3E”);–gf-label-space-y-secondary: var(–gf-label-space-y-md-secondary);–gf-ctrl-border-color: #686e77;–gf-ctrl-size: var(–gf-ctrl-size-md);–gf-ctrl-label-color-primary: #112337;–gf-ctrl-label-color-secondary: #112337;–gf-ctrl-choice-size: var(–gf-ctrl-choice-size-md);–gf-ctrl-checkbox-check-size: var(–gf-ctrl-checkbox-check-size-md);–gf-ctrl-radio-check-size: var(–gf-ctrl-radio-check-size-md);–gf-ctrl-btn-font-size: var(–gf-ctrl-btn-font-size-md);–gf-ctrl-btn-padding-x: var(–gf-ctrl-btn-padding-x-md);–gf-ctrl-btn-size: var(–gf-ctrl-btn-size-md);–gf-ctrl-btn-border-color-secondary: #686e77;–gf-ctrl-file-btn-bg-color-hover: #EBEBEB;–gf-field-pg-steps-number-color: rgba(17, 35, 55, 0.8);}
Please let us know what's on your mind. Have a question for us? Ask away.This field is for validation purposes and should be left unchanged.
