This article is from the source 'guardian' and was first published or seen on . The next check for changes will be

You can find the current article at its original source at https://www.theguardian.com/business/2025/may/21/cyber-attack-cost-marks-and-spencer-lost-sales-company-results-reveal

The article has changed 8 times. There is an RSS feed of changes available.

Version 2 Version 3
M&S expects cyber-attack to last into July and cost £300m in lost profits M&S expects cyber-attack to last into July and cost £300m in lost profits
(about 3 hours later)
Hack on IT systems since Easter weekend has forced M&S to halt online orders and left it struggling to stack shelves Retailer says website likely to reopen within weeks but disruption to some services could last longer
Marks & Spencer has said it will take an estimated £300m hit to profits this year from a damaging cyber-attack that it expects will disrupt its online business into July. Marks & Spencer has said it will take an estimated £300m hit to profits this year from a damaging cyber-attack that it expects to disrupt its online business into July.
The number was revealed as M&S said pre-tax profits rose by a better-than-expected 22% to £876m in the year to 30 March, shortly before the attack, as sales rose 6% to £13.9bn. Its chief executive, Stuart Machin, confirmed that “threat actors” had gained access to the retailer’s systems using “social engineering” techniques such as posing as a staff member to fool a help desk and the hack was not down to a weakness in IT systems.
The company said it had more than £400m of net funds in the bank so that it had been “in the best financial health we’ve been in 30 years” before the hackers hit and the expected financial impact would be significantly mitigated by insurance, cost reductions and other actions. “They used heavily sophisticated techniques,” he said, adding that the incursion had been quickly spotted over the Easter weekend and the business was ready with a plan after a simulation exercise of an attack last year.
Analysts said they expected to cut profit forecasts for this year by at least 10% but the City is expecting at least £100m of the profits hit to be pulled back from insurance and other measures. You can tell us how the cyber-attack has affected you and your personal information by filling in the form below, or messaging us.
The UK’s biggest clothing retailer, which also sells food and homeware, has been battling to recover for a month since its IT systems were hit over the Easter weekend. Please include as much detail as possible
The attack forced M&S to stop orders via its website, through which it sells fashion, homeware and gifts, while deliveries of food and fashion into stores and some deliveries to its online food partner, Ocado, have also been disrupted. Please include as much detail as possible
M&S said the online disruption was expected to continue “throughout June and into July as we restart, then ramp up operations” adding to costs as well as hitting sales. It said sales in its stores had “remained resilient” without further details. Please include as much detail as possible
M&S has also admitted that some personal information relating to thousands of customers including names, addresses, dates of birth and order histories was taken in the cyber-attack. Please note, the maximum file size is 5.7 MB.
Stuart Machin, the chief executive of M&S, thanked customers and staff for their support during the incident, which he said was “a bump in the road”. He said: “We will come out of this in better shape, and continue our plan to reshape M&S.” Your contact details are helpful so we can contact you for more information. They will only be seen by the Guardian.
Machin said the business was now “focused on recovery, with the aim of exiting this period a much stronger business” and there was no change to its longer-term plans. “If anything, the incident allows us to accelerate the pace of change as we draw a line and move on,” he said. Your contact details are helpful so we can contact you for more information. They will only be seen by the Guardian.
“We started the new financial year as we finished the last, with sales growth ahead of budget across both businesses,” Machin said. “Over the last few weeks, we have been managing a highly sophisticated and targeted cyber-attack, which has led to a limited period of disruption. We have tackled this head-on with incredible spirit, teamwork and deep sense of responsibility as we prioritised serving our customers.” If you include other people's names please ask them first.
The figures showed the cyber incident had interrupted a strong period of trading for M&S. Food sales rose almost 9% to £9bn in the year to 30 March, while fashion and homeware sales were up 3.5% to £4.2bn despite a difficult autumn last year for most clothing businesses. Contact us on WhatsApp or Signal at +447766780300.
Machin said in the first few weeks of the new financial year before the cyber-attack, M&S had continued with “sales growth ahead of budget across both businesses”. The company did not give a figure for how much sales had fallen since the attack. For more information, please see our guidance on contacting us via WhatsApp, For true anonymity please use our SecureDrop service instead.
M&S revealed more details of the cyber-incident alongside its annual trading figures, which showed pre-tax profits rose by a better-than-expected 22% to £876m in the year to 30 March.
The company said it had more than £400m of net funds in the bank so that it had been “in the best financial health we’ve been in 30 years” before the hackers hit. It said it aimed to halve the financial impact of the attack to about £150m through insurance, cost reductions and other actions.
Machin said he expected the business to “recover at pace” from the disruption, with its website set to reopen “within weeks” and likely to begin selling in all product categories before July. “If anything, the incident allows us to accelerate the pace of change as we draw a line and move on,” he said.
He dismissed fears of a hit to shoppers’ confidence in the business, saying M&S customers had been “unwavering in their support” and that the retailer had been “very transparent” about the problem and had passed on information swiftly.
Machin said M&S’s food was now selling well but that clothing and homeware sales in stores were “softer than we would like”, having been disrupted by the closure of the website.
He acknowledged that £300m – about two-thirds of which is down to lost clothing sales, according to analysts – “does sound like a big number” but described the hit as a “one-off” that was “not significant” to the business as a whole.
Machin said there were no plans to offset the cost with job cuts or to reduce store refurbishments or openings, with nine new food stores and two new full-line outlets planned this year.
The business is bringing forward IT investment and will carry out two years of work on updating its systems in six months, partly aided by the forced shutdown of its website and online distribution centre, which made bringing in new technology simpler.
Analysts said they expected to cut profit forecasts for this year by at least 10%.
The UK’s biggest clothing retailer, which also sells food and homeware, has been battling to recover for a month since its IT systems were hit over the Easter weekend. The attack forced M&S to stop orders via its website, through which it sells fashion, homeware and gifts, while deliveries of food and fashion into stores and some deliveries to its online food partner, Ocado, have also been disrupted.
Sign up to Business Today
Get set for the working day – we'll point you to all the business news and analysis you need every morning
after newsletter promotion
M&S has admitted that some personal information relating to thousands of customers – including names, addresses, dates of birth and order histories – was taken in the cyber-attack.
Machin thanked customers and staff for their support. He said the business was now “focused on recovery, with the aim of exiting this period a much stronger business”. He said: “We started the new financial year as we finished the last, with sales growth ahead of budget across both businesses.”
The figures show that the cyber-incident interrupted a strong period of trading for M&S. Overall sales were up 6% to £13.9bn over the year to 30 March. Food sales rose almost 9% to £9bn, while fashion and homeware increased 3.5% to £4.2bn.
Machin said that in the first few weeks of the new financial year before the cyber-attack, M&S had continued with “sales growth ahead of budget across both businesses”. The company did not give a figure for how much sales had fallen since the attack.
The attack, which has been attributed to the hacking collective Scattered Spider, emerged days before similar cyber-attacks were reported against the Co-op and Harrods.The attack, which has been attributed to the hacking collective Scattered Spider, emerged days before similar cyber-attacks were reported against the Co-op and Harrods.
The headline on this article was amended on 21 May 2025 to make clear the £300m hit was to profits and not sales. This headline on this article was amended on 21 May 2025 to make clear the £300m hit was to profits and not sales.