Marks & Spencer (M&S) has announced that its online ordering system is expected to remain disrupted until July due to a significant cyberattack that began over Easter. Since the breach, the retailer has experienced considerable operational challenges, sparking customer concerns about data safety and product availability.
Background
The cyberattack, identified as a ransomware incident, led M&S to halt online orders in late April. In a statement, Chief Executive Stuart Machin reassured customers, saying, “Customers will be able to shop online within the next few weeks, with momentum increasing throughout June and July.” The company has struggled to restore online services, affecting inventory management and delivery schedules.
The attack reportedly compromised some customer information, including names, addresses, and contact details. While M&S confirmed that sensitive payment information and passwords were not involved, the company advised customers to remain cautious of unsolicited communications aiming to exploit their data.
Impact on Operations
M&S has faced extensive disruptions, with some stores experiencing empty shelves as the company attempted to rectify system issues. “Please bear with us while we fix some technical issues affecting product availability,” read signs in affected locations. Although grocery availability improved over the early May Bank Holiday, some reports indicated continued shortages, particularly for promotional meal deals.
In a recent update, M&S confirmed that customers notified of ready-to-collect orders could still retrieve them in-store. However, all orders placed after April 23 will be refunded. The company has temporarily removed job postings from its website as it focuses on restoring its digital operations.
Official Response
Security experts have linked the attack to a group known as Scattered Spider, comprised of young hackers utilizing an illicit service called DragonForce. Ransomware attacks are characterized by hackers scrambling sensitive data and demanding payment for its release. M&S’s management indicated that the breach was facilitated through social engineering techniques, where attackers impersonate trusted entities to gain insider access.
The National Cyber Security Centre (NCSC) has raised alarms about this method, emphasizing the need for robust cybersecurity practices within retail businesses. Machin confirmed that the hackers breached M&S systems through a third party that had access to their network, highlighting vulnerabilities that could also affect other sectors.
Financial Consequences
The cyberattack’s repercussions are financially significant for M&S. The company projects a £300 million reduction in profits for the fiscal year, leading to a substantial decline in its stock market value, over half a billion pounds since the incident occurred. Retail analysts suggest that the disruption may shift customers to competitors, particularly during the seasonal demand for summer clothing.
Catherine Shuttleworth from Savvy Marketing emphasized the opportunity seized by rival businesses during M&S’s online outage, stating, “Given the ‘buy it now’ culture, other retailers will benefit from this opportunity.” Similarly, business consultant Jackie Naghten asserted, “It’s absolutely costing them fortunes.”
Supplier Challenges
The impact is not limited to M&S; suppliers are also feeling the strain. Greencore, one of M&S’s key suppliers, reported resorting to manual order processing due to the disruption. CEO Thea Green of the beauty brand Nails Inc expressed concerns about upcoming product launches, recognizing M&S as a valuable customer despite the relatively small percentage of her business attributed to them.
As M&S navigates the ongoing repercussions of this incident, its path forward remains uncertain. The retail giant is under increased scrutiny to enhance its cyber defenses while managing supply chain disruptions—an essential factor for regaining consumer trust and restoring operational normalcy.
For more business News, check PGN Business Insider.
