M&S Faces Disruption After Cyberattack Compromises Customer Data
Marks & Spencer has confirmed that a cyberattack on its systems led to the theft of customer information, including names, contact details, dates of birth and online order histories. The retailer said no card data or account passwords were accessed, but nonetheless urged users to reset passwords as a precaution.
Chief executive Stuart Machin stated that affected customers were being contacted directly. “Unfortunately, some personal customer information has been taken,” he said. “Importantly, there is no evidence that the information has been shared.”
Retail Operations Disrupted for Weeks
The attack, which began over three weeks ago, has significantly hampered operations. Online orders remain suspended, Click & Collect services have been disrupted, and certain store locations have reported stock shortages. Payment systems were partially affected but have since been restored.
Estimates suggest the company is losing approximately £15 million in weekly revenue. Total losses could exceed £30 million if full services are not resumed promptly. Shares have fallen by more than 15 per cent since the breach became public, reflecting investor concern over both the operational fallout and long-term reputational damage.
Hacking Group Suspected, Investigation Ongoing
The cyberattack is believed to be the work of the hacking group Scattered Spider, which has been linked to similar incidents across multiple sectors. The National Crime Agency, the Metropolitan Police, and the National Cyber Security Centre are jointly investigating the breach. M&S has also engaged external forensic experts to support its internal teams and assist with recovery and containment measures.
While the company has not disclosed the method of entry, cybersecurity professionals familiar with the matter said the intrusion likely stemmed from compromised third-party software or a targeted phishing campaign. M&S has yet to confirm those details.
Data Exposure Raises Further Risk
Although financial data was not stolen, the type of customer data exposed (contact details and dates of birth) raises concerns about possible follow-on fraud or phishing activity. Cybersecurity specialists noted that such data sets can be valuable for identity-based scams.
In response, the company has created a customer advisory page and is encouraging vigilance. Customers are being advised to monitor accounts, change passwords, and report any unusual activity. The company is not offering compensation at this stage but has said it will support affected individuals if misuse of data becomes evident.
Broader Implications for Digital Strategy
The incident strikes at a challenging moment for M&S, which has invested heavily in modernising its digital infrastructure and expanding online services. The breach will likely raise questions about vendor risk management, incident preparedness, and system resilience.
The company’s immediate task is to restore full service, but the longer-term test will be whether it can reassure the market and its customer base of its ability to safeguard digital infrastructure in the future. For now, the attack stands as one of the most disruptive cyber incidents to hit a major UK retailer in recent years.
DELTA Data Protection & Compliance, Inc. Academy & Consulting – The DELTA NEWS – Visit: delta-compliance.com