Marks & Spencer (M&S), a cornerstone of British retail, is grappling with a significant cyberattack that has disrupted its online operations. The incident, attributed to the hacking group Scattered Spider, has forced the company to suspend online orders, affecting thousands of customers and causing substantial financial losses.
Marks & Spencer (M&S), one of the UK’s oldest and most revered retailers, recently became the latest victim of a sophisticated cyberattack that forced it to suspend its online ordering system. The attack, linked to the notorious cybercriminal group Scattered Spider, penetrated critical parts of the company’s IT infrastructure, leading to a full-scale shutdown of its online platform.
This event underscores the growing cybersecurity risks facing global retailers in 2025. With e-commerce revenues reaching record highs and consumer reliance on digital platforms increasing, companies are facing a parallel surge in cyber threats.
The Cyberattack Unfolds
The cyberattack began over the Easter weekend, targeting M&S’s digital infrastructure. The perpetrators deployed ransomware known as DragonForce, encrypting critical systems and halting online transactions. This assault has not only disrupted online sales but also impacted supply chain operations and in-store services across M&S’s 1,049 UK locations.
Scattered Spider, a group comprising individuals from the UK and US, is notorious for sophisticated cyberattacks on high-profile companies. Their tactics often involve social engineering and impersonation to gain unauthorized access to systems. In this case, they reportedly accessed M&S’s NTDS.dit file, the Active Directory database containing sensitive user and security information.
Operational Disruptions and Customer Impact
The cyberattack has led to widespread operational challenges for M&S. Online orders have been suspended, and automated systems, including supply chain and payment processes, have been compromised. In-store staff have had to revert to manual operations, leading to inefficiencies and increased food waste due to disrupted donation and pricing systems.
Customers have expressed frustration over canceled orders, particularly for special occasions. Notably, several wedding cake orders, including popular options like Colin and Connie the Caterpillar, were canceled, leaving brides-to-be scrambling for alternatives.
Smaller businesses have stepped in to offer last-minute replacements, highlighting the ripple effect of the cyberattack on the broader retail ecosystem.
Financial Repercussions
The financial impact of the cyberattack on M&S is significant. The company is reportedly losing approximately £15 million per week due to operational disruptions, with potential annual profit reductions of up to £30 million. Additionally, nearly £750 million has been wiped off M&S’s market value, reflecting investor concerns over the company’s cybersecurity resilience.
Response and Recovery Efforts
In response to the cyberattack, M&S has enlisted cybersecurity firms and notified the UK’s National Cyber Security Centre. The company has suspended operations at its Castle Donington distribution center and limited remote IT access to enhance security. CEO Stuart Machin has issued an apology to customers and assured them that teams are working tirelessly to resolve the incident.
While some services, such as contactless payments and returns, have been restored, full recovery may take weeks or even months. M&S has emphasized that no backup data was lost and continues to encourage customers to shop in-store during this period.
Industry-Wide Implications
The cyberattack on M&S is part of a broader trend of increasing cyber threats targeting the retail sector. Other major UK retailers, including the Co-op and Harrods, have also been victims of recent cyberattacks. These incidents underscore the need for robust cybersecurity measures and highlight the vulnerabilities inherent in legacy systems and real-time operations.
Authorities, including London’s Metropolitan Police and the UK’s National Cyber Security Centre, are investigating these attacks and providing support to affected companies. Cybersecurity experts warn that the growing use of generative artificial intelligence is intensifying the cyber threat landscape, and they urge organizations to strengthen their digital defenses.
Frequently Asked Questions
What happened to Marks & Spencer’s online services?
A cyberattack forced M&S to suspend online orders and disrupted various digital operations, including supply chain and payment systems.
Who is responsible for the cyberattack?
The hacking group Scattered Spider, known for targeting high-profile companies, is believed to be behind the attack.
How has the cyberattack affected customers?
Customers have experienced canceled orders, particularly for special occasions like weddings, and have had to rely on in-store shopping due to online service disruptions.
What is the financial impact on M&S?
The company is losing approximately £15 million per week, with potential annual profit reductions of up to £30 million, and has seen a significant drop in market value.
Is customer data compromised?
M&S has stated that no backup data was lost and is working to ensure customer data remains secure.
What steps is M&S taking to recover?
The company has engaged cybersecurity firms, limited remote IT access, and is working with national security agencies to resolve the issue.
How does this incident reflect broader industry challenges?
The attack on M&S highlights the increasing cyber threats facing the retail sector and underscores the need for enhanced cybersecurity measures across the industry.
Conclusion
The cyberattack on Marks & Spencer marks a pivotal moment not only for the iconic retailer but also for the wider retail industry. As one of the UK’s most trusted brands, M&S’s digital vulnerability highlights the urgent need for enhanced cybersecurity infrastructure, continuous monitoring, and employee training to prevent future breaches. The disruption has led to severe operational and financial consequences, shaking customer trust and investor confidence.