Cyber attack forces M&S to stop taking orders online sending shares plummeting
M&S has paused all online and app orders days after a 'cyber incident' paralysed its contactless payment system and click and collect.
Marks and Spencer was rocked over the Easter weekend by technical issues that meant shoppers could not use contactless payments.
In the days since, shares of the FTSE 100 retailer have tumbled to 377p from 411p last week.
The company said today: 'As part of our proactive management of the incident, we have made the decision to pause taking orders via our UK & Ireland websites and apps and some M&S International operated website. More Trending
'The M&S product range is available to browse online, and our stores remain open and ready to welcome and serve customers.
'We continue to manage the incident proactively and the M&S team – supported by leading experts – is working extremely hard to restore online operations and continue to serve customers well.
'We previously informed customers that there was no need to take any action. That remains the case, and we will let them know, if the situation changes.
'We remain grateful for the support that our customers, colleagues, partners and suppliers have shown during this time and will provide further updates, as appropriate.'
Get in touch with our news team by emailing us at webnews@metro.co.uk.
For more stories like this, check our news page.
MORE: Marks and Spencer join forces with fashion designer Olivia von Halle for a range of chic loungewear
MORE: Supermarket own-brand butter officially crowned better than Lurpak — and it's 60% cheaper
MORE: Shoppers furious over 'unspoken' supermarket rule that customers keep breaking
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
The Herald Scotland
an hour ago
- The Herald Scotland
US stock futures lower after US and China reach trade agreement
In other trade news, President Donald Trump's administration is close to a deal with Mexico to lift the 50% tariff on a limited amount of imported steel, according to Bloomberg. Before the bell, investors will also see May inflation. May reflects the first full month of price data since Trump announced his aggressive tariff plan on April 2. Economists polled by Dow Jones expect a 0.2% month-over-month increase for a 2.4% annual increase. Treasury Secretary Bessent will testify at 10 a.m. ET to Congress. Futures linked to the blue-chip Dow fell -0.19%, while broad S&P 500 futures dropped -0.20% and tech-heavy Nasdaq futures slipped -0.20%. Corporate news Dave & Buster's reaffirmed its full-year guidance and said data so far in June were encouraging. GitLab topped analyst estimates in the company's first three months of the year but its second-quarter outlook was soft. GameStop's revenues in the first three months of the year missed analysts' expectations. Medora Lee is a money, markets, and personal finance reporter at USA TODAY. You can reach her at mjlee@ and subscribe to our free Daily Money newsletter for personal finance tips and business news every Monday through Friday.
The Independent
11 hours ago
- The Independent
With retail cyberattacks on the rise, customers find orders blocked and and empty shelves
A string of recent cyberattacks and data breaches involving the systems of major retailers have started affecting shoppers. United Natural Foods, a wholesale distributor that supplies Whole Foods and other grocers, said this week that a breach of its systems was disrupting its ability to fulfill orders — leaving many stores without certain items. In the U.K., consumers could not order from the website of Marks & Spencer for more than six weeks — and found fewer in-store options after hackers targeted the British clothing, home goods and food retailer. A cyberattack on Co-op, a U.K. grocery chain, also led to empty shelves in some stores. Cyberattacks have been on the rise across industries. But infiltrations of corporate technology carry their own set of implications when the target is a consumer-facing business. Beyond potentially halting sales of physical goods, breaches can expose customers' personal data to future phishing or fraud attempts. Here's what you need to know. Cyberattacks are on the rise overall Despite ongoing efforts from organizations to boost their cybersecurity defenses, experts note that cyberattacks continue to increase across the board. In the past year, there's also been an 'uptick in the retail victims" of such attacks, said Cliff Steinhauer, director of information security and engagement at the National Cybersecurity Alliance, a U.S. nonprofit. 'Cyber criminals are moving a little quicker than we are in terms of securing our systems," he said. Ransomware attacks — in which hackers demand a hefty payment to restore hacked systems — account for a growing share of cyber crimes, experts note. And of course, retail isn't the only affected sector. Tracking by NCC Group, a global cybersecurity and software escrow firm, showed that industrial businesses were most often targeted for ransomware attacks in April, followed by companies in the 'consumer discretionary' sector. Attackers know there's a particular impact when going after well-known brands and products that shoppers buy or need every day, experts note. 'Creating that chaos and that panic with consumers puts pressure on the retailer,' Steinhauer said, especially if there's a ransom demand involved. Ade Clewlow, an associate director and senior adviser at the NCC Group, points specifically to food supply chain disruptions. Following the cyberattacks targeting M&S and Co-op, for example, supermarkets in remote areas of the U.K., where inventory already was strained, saw product shortages. 'People were literally going without the basics,' Clewlow said. Personal data is also at risk Along with impacting business operations, cyber breaches may compromise customer data. The information can range from names and email addresses, to more sensitive data like credit card numbers, depending on the scope of the breach. Consumers therefore need to stay alert, according to experts. 'If (consumers have) given their personal information to these retailers, then they just have to be on their guard. Not just immediately, but really going forward," Clewlow said, noting that recipients of the data may try to commit fraud 'downstream.' Fraudsters might send look-alike emails asking a retailer's account holders to change their passwords or promising fake promotions to get customers to click on a sketchy link. A good rule of thumb is to pause before opening anything and to visit the company's recognized website or call an official customer service hotline to verify the email, experts say. It's also best not to reuse the same passwords across multiple websites — because if one platform is breached, that login information could be used to get into other accounts, through a tactic known as 'credential stuffing.' Steinhauer adds that using multifactor authentication, when available, and freezing your credit are also useful for added lines of defense. Which companies have reported recent cybersecurity incidents? A range of consumer-facing companies have reported cybersecurity incidents recently — including breaches that have caused some businesses to halt operations. United Natural Foods, a major distributor for Whole Foods and other grocers across North America, took some of its systems offline after discovering 'unauthorized activity' on June 5. In a securities filing, the company said the incident had impacted its 'ability to fulfill and distribute customer orders." United Natural Foods said in a Wednesday update that it was 'working steadily' to gradually restore the services. Still, that's meant leaner supplies of certain items this week. A Whole Foods spokesperson told The Associated Press via email that it was working to restock shelves as soon as possible. The Amazon-owned grocer's partnership with United Natural Foods currently runs through May 2032. Meanwhile, a security breach detected by Victoria's Secret last month led the popular lingerie seller to shut down its U.S. shopping site for nearly four days, as well as to halt some in-store services. Victoria's Secret later disclosed that its corporate systems also were affected, too, causing the company to delay the release of its first quarter earnings. Several British retailers — M&S, Harrods and Co-op — have all pointed to impacts of recent cyberattacks. The attack targeting M&S, which was first reported around Easter weekend, stopped it from processing online orders and also emptied some store shelves. The company estimated last month that the it would incur costs of 300 million pounds ($400 million) from the attack. But progress towards recovery was shared Tuesday, when M&S announced that some of its online order operations were back — with more set to be added in the coming weeks. Other breaches exposed customer data, with brands like Adidas, The North Face and reportedly Cartier all disclosing that some contact information was compromised recently. In a statement, The North Face said it discovered a 'small-scale credential stuffing attack' on its website in April. The company reported that no credit card data was compromised and said the incident, which impacted 1,500 consumers, was 'quickly contained.' Meanwhile, Adidas disclosed last month that an 'unauthorized external party' obtained some data, which was mostly contact information, through a third-party customer service provider. Whether or not the incidents are connected is unknown. Experts like Steinhauer note that hackers sometimes target a piece of software used by many different companies and organizations. But the range of tactics used could indicate the involvement of different groups. Companies' language around cyberattacks and security breaches also varies — and may depend on what they know when. But many don't immediately or publicly specify whether ransomware was involved. Still, Steinhauer says the likelihood of ransomware attacks is 'pretty high' in today's cybersecurity landscape — and key indicators can include businesses taking their systems offline or delaying financial reporting. Overall, experts say it's important to build up 'cyber hygiene" defenses and preparations across organizations. 'Cyber is a business risk, and it needs to be treated that way," Clewlow said.
Channel 4
11 hours ago
- Channel 4
Spending Review: voters react to Labour plans for the UK economy
We've been to Barnsley – a seat long held by Labour – but in some nearby constituencies Reform UK has been gaining ground. We've been asking people there what they make of the Chancellor's Spending Review and wider plans for the UK economy.
