Hackers who crippled Marks & Spencer during a devastating cyber-attack sent the retailer's boss an abusive email gloating about what they had done. Shameless digital fraudsters from the DragonForce hacking group reportedly sent the message to M&S chief executive, Stuart Machin using an employee email account. The email, sent in broken English on April 23, appears to confirm for the first time that M&S was hacked by the notorious ransomware group - something the retailer has so far refused to acknowledge. 'We have marched the ways from China all the way to the UK and have mercilessly raped your company and encrypted all the servers,' the hackers wrote, the BBC reported.'The dragon wants to speak to you so please head over to [our darknet website].'A darknet link shared in the email connected to a portal for DragonForce victims to negotiate a ransom fee. The crime syndicate added: 'Let's get the party started. Message us, we will make this fast and easy for us.' The cyber hack over the Easter break has been hugely damaging for British high street staple, M&S, costing an estimated £300million. Six weeks on from the digital blitz, and the retailer is still unable to take online orders. Hacking group DragonForce reportedly sent an email to M&S top executives bragging about the crippling cyber-attack, which they claimed to have led. Pictured is the dragon icon they that was featured at the end of their email The shameless digital fraudsters sent the message to M&S chief executive Stuart Machin (pictured) using an employee email accountThe hack has cause mayhem for Marks & Spencer meaning it was unable to process online orders. The retailer later warned some customers' personal details had been stolenAccording to the BBC, the extortion email was sent to Mr Machin and seven other top executives. The blackmail message reportedly included a racist term. It was reportedly ended with an image of a fire-breathing dragon.As well as boasting about installing ransomware to cripple M&S's IT systems, the hackers said they had also stolen the private data of millions of customers.M&S informed customers three weeks later that contact details and dates of births from some shoppers had been snatched by a suspected cyber cartel.And the retailer also admitted other personal details had also been pilfered by digital crooks, including customers' order histories.However, bosses at the chain have insisted no data relating to shoppers' payment or card details, or account passwords, had been taken.It's unclear exactly how many shoppers have been affected by the major data breach. However, the group had 9.4 million active online customers in the year to March 30, according to its last full-year results.DragonForce's bragging email was apparently sent using the account of an employee from IT company Tata Consultancy Services (TCS), which has provided IT services to M&S for over a decade. M&S have faced stock issues following the cyber-attack which has left many of their shelves empty More bare fridge shelves inside an M&S supermarket following the cyber attack which crippled the chain What is DragonForce? DragonForce reportedly offers cyber-criminal partners various services on their darknet site in exchange for a 20 per cent cut of any ransoms collected.It's thought the group operates globally, with hackers operating out of China. Researchers also believe the group also has links to Russia.DragonForce Malaysia - thought to be an offshoot of the main group - is thought to be made up of pro-Palestine 'hacktivists'. They have reportedly been behind several campaigns targeting government agencies and organisations across the Middle East and Asia, filling a void left by hacking collective, Anonymous. Speculation has been mounting that hacking collective, Scattered Spider, may also have been involved in the recent spate of retail cyber attacks. The group, thought to be made up of young English-speaking hackers from the West, might be one of DragonForce's affiliates. The Indian IT worker had an M&S email address, but is a paid TCS employee and based in London. It is believed that he was among the victims hacked during the devastating digital blitzkrieg that has ravaged M&S online systems. The IT company has previously said it is investigating whether it was a gateway for the cyberattack.It has since told the BBC the email was not sent from its system and has nothing to do with the breach.M&S has declined to comment on the latest revelations in the hacking crisis. As well as claiming responsibility for the M&S hack, DragonForce also says it is behind the ongoing cyber-attack against the Co-op.The two hacks took place in April and have wrought chaos for both retailers. Empty shelves in some stores were reported by customers of both businesses, while M&S fears disruption to its services will continue into next month. However, experts believe it could take 'months' for M&S to fully recover from the hack, which wiped a staggering £1billion off the retailer's market value in the weeks after the mayhem.Matt Hull, head of threat intelligence at global cyber security company NCC Group, said the M&S meltdown could potentially have massive ramifications for shoppers.Warning of the impact, Mr Hull told MailOnline: 'The data breach at M&S is a stark reminder that no organisation is completely immune from cyber threats, and that all forms of customer data requires stringent protection.' Pictured is the full letter from M&S' chief executive Stuart Machin outlining the data breach He added cyber crooks could seek to use the data they have allegedly obtained to launch a fresh wave of attack on countless unsuspecting victims.'Despite the absence of financial data or passwords, threat actors could potentially use the stolen information to launch targeted social engineering attacks,' he warned.It is unclear who the actual hackers involved in the DragonForce's alleged cyber assault actually are.The incident is being probed digital experts from Britain's own 'FBI', the National Crime Agency. DragonForce reportedly offers cyber-criminal partners various services on their darknet site in exchange for a 20 per cent cut of any ransoms collected.It's believed the group operates worldwide, with connections to countries across Asia, with some operating in China. Researchers believe the group has links to Russia.DragonForce Malaysia - thought to be an offshoot of the main group - is thought to be made up of pro-Palestine 'hacktivists'. They have reportedly been behind several campaigns targeting government agencies and organisations across the Middle East and Asia, filling a void left by hacking collective, Anonymous. Speculation has been mounting that hacking collective, Scattered Spider, may also have been involved in the recent spate of retail cyber attacks. The group, thought to be made up of young English-speaking hackers from the West, might be one of DragonForce's affiliates. Members are known to include teenagers and young adults from the UK and US. A spokeswoman for M&S told MailOnline: 'We cannot comment on details of or speculation on the cyber incident, and we have been advised not to.'The NCA was approached for comment.