M&S first paused contactless payments and the collection of online orders last Tuesday (22 April). Some systems were back up and running by Thursday, but website orders are still halted and there are reports of empty shelves in some stores.
Customers complaining about unfulfilled orders on social media are being advised to wait for an email from M&S – but many have complained that communication has been inadequate. Others have criticised M&S for cancelling orders placed before the cyber incident took place.
Those that have been told their orders are cancelled have been informed they will get a full refund.
M&S reportedly has limited employee access when working from home while the issues are resolved.
A statement on the M&S website said: “As part of our proactive management of a cyber incident, we have made the decision to pause taking orders via our M&S.com websites, apps and over the phone. Our product range remains available to browse online. We are truly sorry for this inconvenience. Our stores are open to welcome customers.
How life insurance can benefit your health and wellbeing over the decades
Sponsored by Post Office
“We have informed customers that there is no need for them to take any action. That remains the case, and if the situation changes, we will let them know. Our experienced team – supported by leading cyber experts – is working extremely hard to restart online and app shopping. We are incredibly grateful to our customers, colleagues and partners for their understanding and support.”
According to The Guardian, online business accounts for just over a third of clothing and homeware sales at M&S – amounting to almost £3.8m per day. The M&S share price has fallen from 407.20p last Wednesday to 388.90p today.
Various reports have linked the cyber attack to a hacking group known as Scattered Spider, with experts suggesting it may have been a ransomware attack.
A ransomware attack is a type of cyber attack where malicious software encrypts a victim’s data or locks their computer system, making it inaccessible. The attacker then demands a ransom payment, usually in cryptocurrency, to unlock the data or restore access to the system.
Although the nature of the M&S attack remains uncertain, the immediate impact – online shopping paused and employees unable to access internal networks from home – is very clear.
‘It has had a huge impact on the business’
AJ Thompson, chief commercial officer at IT Consultancy Northdoor, said: “This latest high-profile attack is another example of cyber criminals successfully gaining access to systems and data and causing havoc. M&S has had to shut down its external-facing online retail offering and its internal systems for employees that work from home, meaning that it has had a huge impact on the business.
“Whilst M&S is scrabbling to restore systems, the attack itself should act as a wake-up call to all other businesses, no matter what sector they operate in. In the face of a highly sophisticated approach from cyber criminals and against a backdrop of an increasingly complex regulatory landscape, companies have to ensure defences and resilience are firmly in place and part of the company culture.”
Despite the disruption, M&S has assured customers that their data remains secure and has advised them to remain vigilant for potential scams. The company continues to work on restoring services and has not provided a specific timeline for full resolution.
