M&S Online Operations Remain Crippled Following Cyberattack

London, UK – Marks & Spencer, the iconic British retail giant, continues to grapple with severe and widespread disruption to its online services, with its website currently displaying a "Sorry you can't browse the site currently. We're making some updates and will be back soon" message. This extensive outage, which has left countless customers unable to browse or place orders, stems from a sophisticated cyberattack that first impacted the company around the Easter weekend. The ongoing technical issues have forced M&S to halt all online orders and have even affected in-store functionalities like contactless payments and the use of gift cards at various points.
The severity of the attack, now confirmed as a ransomware incident, has prompted M&S to project that online disruption could persist well into July, a significant setback for the retailer. While a phased return to normal operations is anticipated to begin in June, the company has conceded that a full recovery will take time. This prolonged outage is not merely an inconvenience for shoppers; M&S has estimated that the cyberattack will cost the firm approximately £300 million in lost operating profit for the current year, a substantial blow that is only partly mitigated by potential insurance payouts.
The cyberattack, described by M&S Chief Executive Stuart Machin as "highly sophisticated and targeted," reportedly gained access to the retailer's systems via a third-party vendor. While M&S has remained tight-lipped about the specifics of the perpetrators, reports suggest that a notorious English-speaking hacking group known as "Scattered Spider," which often deploys ransomware from the "DragonForce" collective, is being investigated by police. This same group has been linked to other high-profile cyberattacks on UK retailers.
The decision to take down its online systems was a proactive measure by M&S to protect its website and customer data. However, the attack has already resulted in the compromise of some customer personal data, including names, email addresses, postal addresses, and dates of birth. M&S has advised customers that there is no need for them to take immediate action, and that they will be informed if the situation changes.
The ramifications of the cyberattack have extended beyond online sales, causing ripple effects throughout M&S's supply chain and leading to reports of empty shelves in some physical stores. The company had to temporarily halt its stock forecasting system for food, though it has since reported that this system is back online, allowing for normal flows from distribution centers to stores.
This incident has served as a stark reminder to the retail industry of the critical importance of robust cybersecurity measures and the potential for such attacks to inflict severe financial and reputational damage. As M&S continues its painstaking recovery process, prioritizing security over speed, the incident highlights the complex and interconnected nature of modern retail operations and their vulnerability to evolving cyber threats. For customers, the waiting game continues, with a collective hope that the beloved high street brand will soon return to full online functionality.
Source@BBC