window.dotcom = window.dotcom || { cmd: [] }; window.dotcom.ads = window.dotcom.ads || { resolves: {enabled: [], getAdTag: []}, enabled: () => new Promise(r => window.dotcom.ads.resolves.enabled.push(r)), getAdTag: () => new Promise(r => window.dotcom.ads.resolves.getAdTag.push(r)) }; setTimeout(() => { if(window.dotcom.ads.resolves){ window.dotcom.ads.resolves.enabled.forEach(r => r(false)); window.dotcom.ads.resolves.getAdTag.forEach(r => r("")); window.dotcom.ads.enabled = () => new Promise(r => r(false)); window.dotcom.ads.getAdTag = () => new Promise(r => r("")); console.error("NGAS load timeout"); } }, 5000)
Skip to content

A letter from the M&S hackers landed in my inbox - this is what happened next

Joe Tidy
Cyber correspondent, BBC World Service
BBC A man with brown hair and wearing a light blue shirt looks in contemplation.BBC
Joe Tidy interacted with hackers who claimed to have done the M&S and Co-op hack

Almost daily, my phone pings with messages from hackers of all stripes.

The good, the bad, the not-so-sure.

I've been reporting on cyber security for more than a decade, so I know that many of them like to talk about their hacks, findings and escapades.

About 99% of these conversations stay firmly locked in my chat logs and don't lead to news stories. But a recent ping was impossible to ignore.

"Hey. This is Joe Tidy from the BBC reporting on this Co-op news, correct":[]}