
M&S betting on customer patience as cyber-attack threatens to ruin 2025's strong start
Marks & Spencer was enjoying a strong start to 2025 thanks to a fashion revival and the warm spring weather. That has now been seriously undermined as the retailer scrambles to deal with disruption caused by a massive cyber-attack it first revealed a week ago.
At a time when M&S – alongside most major retailers – are pushing more automation on its customers and workers, industry insiders say the retailer's staff have been forced to return to pens, paper and clipboards to check stock in stores as internal systems have been put on hold.
Every second counts now, for M&S's bottom line and for its reputation. Shoppers report problems with the use of gift cards in stores while thousands of orders made on or after 23 April have been cancelled. On Monday, it emerged that the difficulties were now affecting Ocado, as M&S's deliveries of a small number of packaged foods to the online specialist it co-owns, were hit.
The cyber-attack first hit stores just over a week ago, with M&S pausing contactless payments and the collection of online orders last Tuesday. On Thursday, those systems mostly restarted but M&S halted all orders on its website – which accounts for just over a third of clothing and homewares sales – amounting to almost £3.8m a day.
As Patrick O'Brien, a retail analyst at GlobalData, says, cyber-attacks can have major consequences for businesses. 'This is one of the most damaging cyber-attacks on a major UK retailer we have seen, the worst since Carpetright last year, which tipped an already very weak retailer into administration,' he says.
M&S is a much stronger and larger business than Carpetright and not likely to be at risk of collapse, but the attack is having a direct impact on sales and as O'Brien says, the longer the disruption goes on, the more likely customers are to take their money elsewhere.
While most of the problems did not start until the later part of the Easter bank holiday, according to M&S, the attack cut off a run of buoyant trading. What M&S says was a separate incident also affected contactless payments in stores on the Saturday before Easter.
Before then, sales had jumped almost 9% in the three months to 30 March, according to industry analysts Kantar, well above the wider fashion industry, as it continued to win over shoppers.
M&S may derive some comfort from the fact that this is not happening during a peak trading period such as before Easter or Christmas, and Clive Black, M&S's house broker at Shore Capital, said he expected the retailer to recoup any losses resulting from the attack via insurance.
Sign up to Business Today
Get set for the working day – we'll point you to all the business news and analysis you need every morning
after newsletter promotion
'The financial impact will be a zero sum game,' he says. 'I don't believe there will be enduring damage unless they don't manage to fix it.'
'There will be Mr & Mrs Angry from Tunbridge Wells but most people can see in the last decade that M&S has materially improved as a business and there will be some sympathy. This is not something it brought on itself but a malevolent force.'
O'Brien agrees: 'Customers are surprisingly forgiving.'
Hashtags

Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles

ITV News
30 minutes ago
- ITV News
M&S resumes online orders six weeks after cyber attack
Marks & Spencer has resumed online orders for customers, six weeks after it was forced to halt sales following a cyber attack. Currently, shoppers will only be able to purchase the company's "best-selling fashion ranges" as part of a staggered return to full online operations. On the company's Instagram page, the retailer's managing director of clothing, home and beauty, John Lyttle, wrote: "We are bringing back online shopping this week "A selection of our best-selling fashion ranges will be available for home delivery to England, Scotland and Wales. "More of our fashion, home and beauty products will be added every day and we will resume deliveries to Northern Ireland and Click and Collect in the coming weeks. "Thank you sincerely for your support and for shopping with us." The retailer made the decision to pause online orders over the Easter Weekend after being targeted by hackers. Customer personal data, which could have included names, email addresses, postal addresses and dates of birth, was also taken in the attack. In a statement at the time, the retailer said: "Unfortunately the nature of the incident means some personal customer data has been taken. "Importantly, there is no evidence that this data has been shared and it does not include useable card or payment details, or account passwords, so there is no need for customers to take any action." Customers were prompted to reset their password though the store assured customers this was only for "extra peace of mind." The retail group says 'human error' caused the attack, which is set to cost the firm around £300 million. It is understood that the retailer was targeted by a ransomware called DragonForce, and an employee most likely replied to a phishing email. The National Cyber Security Centre describes ransomware as a type of malicious software that prevents users from accessing their data and systems by encrypting their files. The group deploying the software will then demand a payment or "ransom" in exchange for granting access and unencrypting the data. Attackers can also threaten to leak the data if the ransom is not paid. According to reports, a hacking group known as Scattered Spider is said to be behind the M&S attack, although this has not been confirmed.


Sky News
43 minutes ago
- Sky News
M&S resumes limited online sales after ransomware attack
Marks & Spencer (M&S) has resumed some online clothes orders six weeks after a damaging cyberattack that the retailer has warned will cost it hundreds of millions of pounds. "Select fashion ranges" are available again for the first time in 46 days for customers across Britain. M&S said that people in Northern Ireland were still missing out as its online operations got back in gear. Ransomware hackers broke into its systems in April by tricking employees at a third-party contractor, skirting its digital defences, according to the company. "We are bringing back online shopping this week," said John Lyttle, managing director of fashion, home and beauty. "A selection of our best-selling fashion ranges will be available for home delivery to England, Scotland and Wales. "More of our fashion, home and beauty products will be added every day and we will resume deliveries to Northern Ireland and Click and Collect in the coming weeks." M&S stopped taking clothing and home orders through its website and app on 25 April. Three days earlier, it said it was managing a "cyber incident", with problems for its contactless pay and click and collect services over the Easter holiday weekend. Last month, M&S said it expected online disruption to continue into July and forecast the attack would cost it £300m. However, it expected insurance would cover some of those losses. The company has refused to say if it has paid any ransom to the hackers.


STV News
an hour ago
- STV News
M&S website resumes online orders after cyber-attack
Marks & Spencer has reopened its website to customers after being forced to halt internet orders in April following a damaging cyber attack. The retailer had halted orders on its website and saw empty shelves after being targeted by hackers around the Easter weekend. Customer personal data, which could have included names, email addresses, postal addresses and dates of birth, was also taken by hackers in the attack. Visitors to the M&S website were greeted with the message: 'Sorry you can't browse the site currently. We're making some updates and will be back soon.' The retail giant said that 'human error' had caused the attack, which is set to cost the firm around £300m, and chief executive Stuart Machin confirmed disruption could last until July. However, on Tuesday, a spokesperson confirmed that Marks & Spencer was reopening online shopping. In a statement published on social media, Marks & Spencer managing director of clothing, home and beauty John Lyttle said: 'We are bringing back online shopping this week. 'A selection of our best-selling fashion ranges will be available for home delivery to England, Scotland and Wales. 'More of our fashion, home and beauty products will be added every day, and we will resume deliveries to Northern Ireland and Click and Collect in the coming weeks. 'Thank you sincerely for your support and for shopping with us.' Get all the latest news from around the country Follow STV News Scan the QR code on your mobile device for all the latest news from around the country