This article is from the source 'bbc' and was first published or seen on . The next check for changes will be
You can find the current article at its original source at https://www.bbc.com/news/articles/c0el31nqnpvo
The article has changed 10 times. There is an RSS feed of changes available.
| Version 6 | Version 7 |
|---|---|
| M&S cyber attack: What we know about it and the impact it's having | M&S cyber attack: What we know about it and the impact it's having |
| (2 days later) | |
| Two and a half weeks after Marks & Spencer was first hit by a cyber attack, the retailer is still struggling to get services back to normal. | |
| Online orders are still suspended. | |
| The company said last week it was working "day and night" to put things right, after problems that started with problems affecting in-store payments on 25 April, then spread to affect further parts of the organisation. | |
| Here's what we know about the attack and the impact it is still having. | |
| Online orders are still paused | Online orders are still paused |
| M&S's problems began over the Easter weekend, with customers reporting problems with Click & Collect and contactless payments. | M&S's problems began over the Easter weekend, with customers reporting problems with Click & Collect and contactless payments. |
| The company confirmed it was dealing with a "cyber incident" and although those services have resumed, on Friday 25 April, it paused online orders on its website and apps. | The company confirmed it was dealing with a "cyber incident" and although those services have resumed, on Friday 25 April, it paused online orders on its website and apps. |
| Now, more than two weeks on, there is still no word on when online orders will resume. | |
| It is understood that customers who have received a ready-to-collect email can pick up their order in store, and orders placed after Wednesday 23 April will be refunded. | |
| Some stores were also missing certain food items, after the firm took some of its systems offline. | |
| Signs on empty shelves read: "Please bear with us while we fix some technical issues affecting product availability." | Signs on empty shelves read: "Please bear with us while we fix some technical issues affecting product availability." |
| It's understood the availability of groceries in the majority of food halls improved over the Bank Holiday weekend. | |
| However, on Tuesday, there were reports that some stores did not have all the items needed to make up meal deal offers. | |
| An M&S spokesperson said: "Customers can still buy meal deals in our rail station stores but there are pockets of availability for some items. We are working hard to continue getting our products into stores." | An M&S spokesperson said: "Customers can still buy meal deals in our rail station stores but there are pockets of availability for some items. We are working hard to continue getting our products into stores." |
| In addition, the company has pulled all job adverts from its website, with a message saying: "Sorry you can't search or apply for roles right now, we're working hard to be back online as soon as possible." | In addition, the company has pulled all job adverts from its website, with a message saying: "Sorry you can't search or apply for roles right now, we're working hard to be back online as soon as possible." |
| It was a ransomware attack | It was a ransomware attack |
| There has been silence from M&S on what or who was behind the attack on its systems, but we now know it was a ransomware attack. | There has been silence from M&S on what or who was behind the attack on its systems, but we now know it was a ransomware attack. |
| This is a type of malicious software used to scramble important data or files after gaining access to a business' computer systems, essentially locking them away unless a ransom is paid. | This is a type of malicious software used to scramble important data or files after gaining access to a business' computer systems, essentially locking them away unless a ransom is paid. |
| Hackers often threaten to leak or sell the data to pressure a business to pay up. | Hackers often threaten to leak or sell the data to pressure a business to pay up. |
| A ransomware group that goes by the name "DragonForce" told the BBC it was responsible for the attack on M&S, the Co-Op and an attempted hack of Harrods and said there would be more attacks soon. | A ransomware group that goes by the name "DragonForce" told the BBC it was responsible for the attack on M&S, the Co-Op and an attempted hack of Harrods and said there would be more attacks soon. |
| DragonForce operates an affiliate cyber crime service so anyone can use their malicious software and website to carry out attacks and extortions. | DragonForce operates an affiliate cyber crime service so anyone can use their malicious software and website to carry out attacks and extortions. |
| It's not known who is ultimately using the DragonForce service to attack the retailers, but some security experts say the tactics seen are similar to that of a loosely coordinated group of hackers who have been called Scattered Spider or Octo Tempest. | It's not known who is ultimately using the DragonForce service to attack the retailers, but some security experts say the tactics seen are similar to that of a loosely coordinated group of hackers who have been called Scattered Spider or Octo Tempest. |
| The gang operates on Telegram and Discord channels and is English-speaking and young – in some cases only teenagers. | The gang operates on Telegram and Discord channels and is English-speaking and young – in some cases only teenagers. |
| The National Cyber Security Centre (NCSC) has warned that criminals launching cyber attacks at British retailers are impersonating IT help desks to break into organisations. | The National Cyber Security Centre (NCSC) has warned that criminals launching cyber attacks at British retailers are impersonating IT help desks to break into organisations. |
| The Metropolitan Police has confirmed it is looking into the attack. | The Metropolitan Police has confirmed it is looking into the attack. |
| What is ransomware and how does it work? | What is ransomware and how does it work? |
| Why is the M&S cyber attack chaos taking so long to resolve? | Why is the M&S cyber attack chaos taking so long to resolve? |
| 'They wanted $4m': Lessons for M&S from other cyber attacks | 'They wanted $4m': Lessons for M&S from other cyber attacks |
| It's costing the company millions | It's costing the company millions |
| The cyber attack has already had a significant impact on the retailer, and the longer it takes them to deal with it, the bigger the hit to its bottom line. | The cyber attack has already had a significant impact on the retailer, and the longer it takes them to deal with it, the bigger the hit to its bottom line. |
| Its share price has fallen since the technical problems started, with more than half a billion pounds wiped off the company's value. | Its share price has fallen since the technical problems started, with more than half a billion pounds wiped off the company's value. |
| Online accounts for about a third of M&S's clothing and home sales. On average, £3.8m is spent on clothing and home products on its website and apps every day. | Online accounts for about a third of M&S's clothing and home sales. On average, £3.8m is spent on clothing and home products on its website and apps every day. |
| Faced with the website problems, it's possible customers may have gone to an M&S store to buy something. But it's also likely that shoppers have turned to rival online retailers instead. | Faced with the website problems, it's possible customers may have gone to an M&S store to buy something. But it's also likely that shoppers have turned to rival online retailers instead. |
| The problems have coincided with a period of warmer weather, when people are likely to want to buy new summer clothes. | The problems have coincided with a period of warmer weather, when people are likely to want to buy new summer clothes. |
| Catherine Shuttleworth from Savvy Marketing says the online impact is immediate. "Given the 'buy it now' culture other retailers will benefit from this opportunity." | Catherine Shuttleworth from Savvy Marketing says the online impact is immediate. "Given the 'buy it now' culture other retailers will benefit from this opportunity." |
| Analysts say M&S's reputation has suffered a "bruise", but they also say there is a lot of affection for the High Street stalwart so customers are likely to give it some leeway. | Analysts say M&S's reputation has suffered a "bruise", but they also say there is a lot of affection for the High Street stalwart so customers are likely to give it some leeway. |
| So far there has been no obvious backlash, with one customer telling the BBC staff were "perfectly charming" considering the cyber attack. | So far there has been no obvious backlash, with one customer telling the BBC staff were "perfectly charming" considering the cyber attack. |
| Suppliers are affected too | Suppliers are affected too |
| One of Marks & Spencer's biggest suppliers told the BBC it has resorted to using pen and paper for orders. | One of Marks & Spencer's biggest suppliers told the BBC it has resorted to using pen and paper for orders. |
| The boss of Greencore, which supplies sandwiches, rolls and wraps, says it also ramped up deliveries by a fifth to make sure there was more than enough food for the bank holiday weekend. | The boss of Greencore, which supplies sandwiches, rolls and wraps, says it also ramped up deliveries by a fifth to make sure there was more than enough food for the bank holiday weekend. |
| Thea Green, chief executive of beauty brand Nails Inc, told the BBC her company had a major launch coming up and she was nervous about it, given the problems at M&S. | Thea Green, chief executive of beauty brand Nails Inc, told the BBC her company had a major launch coming up and she was nervous about it, given the problems at M&S. |
| "It does have an impact on us – but it's a single-digit percentage of our business, so it's not a major impact. But they are a very relevant UK customer," she said. | "It does have an impact on us – but it's a single-digit percentage of our business, so it's not a major impact. But they are a very relevant UK customer," she said. |
| Meanwhile, M&S has also had to manage disruption to a small proportion of products that it supplies to Ocado, which delivers M&S online food orders and which is part-owned by M&S. | Meanwhile, M&S has also had to manage disruption to a small proportion of products that it supplies to Ocado, which delivers M&S online food orders and which is part-owned by M&S. |
| M&S isn't speaking | M&S isn't speaking |
| While the retailer was quick to inform customers of the breach, subsequent updates have been lacking. | While the retailer was quick to inform customers of the breach, subsequent updates have been lacking. |
| The message on 2 May from chief executive Stuart Machin saying sorry was the last public statement it has made, and only the third one it has put out in total. And there was no mention of when normal business would resume. | |
| M&S has not commented on the nature of the cyber attack, which is not unusual in cases like this, but experts say the uncertainty risks damaging consumer trust in the brand. | M&S has not commented on the nature of the cyber attack, which is not unusual in cases like this, but experts say the uncertainty risks damaging consumer trust in the brand. |
| "In today's hyper-connected world, silence can be unsettling, particularly when trust and transparency are the most valuable commodities a brand can offer," says Kate Hardcastle, a consumer expert and business adviser. | "In today's hyper-connected world, silence can be unsettling, particularly when trust and transparency are the most valuable commodities a brand can offer," says Kate Hardcastle, a consumer expert and business adviser. |
| Susannah Streeter from financial services company Hargreaves Lansdown says there is no indication that M&S is not meeting its legal obligations, given there is a holding statement on its website. | Susannah Streeter from financial services company Hargreaves Lansdown says there is no indication that M&S is not meeting its legal obligations, given there is a holding statement on its website. |
| "However, good communication and transparency will be vital to restore confidence in the company and its systems," she says. | "However, good communication and transparency will be vital to restore confidence in the company and its systems," she says. |
| "There is a risk emerging for the company in terms of reputational damage, the longer the crisis continues." | "There is a risk emerging for the company in terms of reputational damage, the longer the crisis continues." |