British retailer Marks & Spencer believes the ransomware group behind the April cyberattack that disrupted its online shopping for nearly seven weeks is known as “DragonForce,” the company’s chairman said on Tuesday.

Speaking before Parliament’s Business and Trade Committee, Chairman Archie Norman said the attack appeared to involve “loosely aligned parties” collaborating in the operation, according to Reuters.

“When this happens you don’t know who the attacker is, and in fact they never send you a letter signed Scattered Spider, that doesn’t happen,” said Norman.

He said Marks & Spencer did not hear from the attackers until about a week after they had breached the retailer’s systems.

To manage the cyberattack, Marks & Spencer suspended online clothing orders and shut down several other systems, leading to limited food availability and increased waste and logistics expenses.

In May, the company projected a loss of approximately £300 million ($409 million) in operating profit due to the incident.

Online clothing orders resumed on June 10 after a 46-day pause, though click-and-collect services have yet to be restored.