This article is from the source 'guardian' and was first published or seen on . The next check for changes will be
You can find the current article at its original source at https://www.theguardian.com/business/2025/may/21/cyber-attack-cost-marks-and-spencer-lost-sales-company-results-reveal
The article has changed 8 times. There is an RSS feed of changes available.
| Version 4 | Version 5 |
|---|---|
| M&S expects cyber-attack to last into July and cost £300m in lost profits | M&S expects cyber-attack to last into July and cost £300m in lost profits |
| (32 minutes later) | |
| Retailer says website likely to reopen within weeks but disruption to some services could last longer | Retailer says website likely to reopen within weeks but disruption to some services could last longer |
| Marks & Spencer has said it will take an estimated £300m hit to profits this year from a damaging cyber-attack that it expects to disrupt its online business into July. | Marks & Spencer has said it will take an estimated £300m hit to profits this year from a damaging cyber-attack that it expects to disrupt its online business into July. |
| Its chief executive, Stuart Machin, confirmed that “threat actors” had gained access to the retailer’s systems via one of M&S’s contractors using “social engineering” techniques – such as posing as a staff member to fool a help desk. He said the hack was not down to a weakness in its IT systems. | Its chief executive, Stuart Machin, confirmed that “threat actors” had gained access to the retailer’s systems via one of M&S’s contractors using “social engineering” techniques – such as posing as a staff member to fool a help desk. He said the hack was not down to a weakness in its IT systems. |
| “They used heavily sophisticated techniques,” he said, adding that the incursion had been quickly spotted over the Easter weekend and the business was ready with a plan after a simulation exercise of an attack last year. | “They used heavily sophisticated techniques,” he said, adding that the incursion had been quickly spotted over the Easter weekend and the business was ready with a plan after a simulation exercise of an attack last year. |
| You can tell us how the cyber-attack has affected your shopping habits and your personal information by filling in the form below, or messaging us. | |
| Please include as much detail as possible | Please include as much detail as possible |
| Please include as much detail as possible | Please include as much detail as possible |
| Please include as much detail as possible | Please include as much detail as possible |
| Please note, the maximum file size is 5.7 MB. | Please note, the maximum file size is 5.7 MB. |
| Your contact details are helpful so we can contact you for more information. They will only be seen by the Guardian. | Your contact details are helpful so we can contact you for more information. They will only be seen by the Guardian. |
| Your contact details are helpful so we can contact you for more information. They will only be seen by the Guardian. | Your contact details are helpful so we can contact you for more information. They will only be seen by the Guardian. |
| If you include other people's names please ask them first. | If you include other people's names please ask them first. |
| Contact us on WhatsApp or Signal at +447766780300. | Contact us on WhatsApp or Signal at +447766780300. |
| For more information, please see our guidance on contacting us via WhatsApp, For true anonymity please use our SecureDrop service instead. | For more information, please see our guidance on contacting us via WhatsApp, For true anonymity please use our SecureDrop service instead. |
| M&S revealed more details of the cyber-incident alongside its annual trading figures, which showed underlying profits rose by a better-than-expected 22% to £876m in the year to 30 March. | M&S revealed more details of the cyber-incident alongside its annual trading figures, which showed underlying profits rose by a better-than-expected 22% to £876m in the year to 30 March. |
| The company said it had more than £400m of net funds in the bank so that it had been “in the best financial health we’ve been in 30 years” before the hackers hit. It said it aimed to halve the financial impact of the attack to about £150m through insurance, cost reductions and other actions. | The company said it had more than £400m of net funds in the bank so that it had been “in the best financial health we’ve been in 30 years” before the hackers hit. It said it aimed to halve the financial impact of the attack to about £150m through insurance, cost reductions and other actions. |
| Machin said he expected the business to “recover at pace” from the disruption, with its website expected to reopen “within weeks” and likely to begin selling in all product categories before July. “If anything, the incident allows us to accelerate the pace of change as we draw a line and move on,” he said. | Machin said he expected the business to “recover at pace” from the disruption, with its website expected to reopen “within weeks” and likely to begin selling in all product categories before July. “If anything, the incident allows us to accelerate the pace of change as we draw a line and move on,” he said. |
| He dismissed fears of a hit to shoppers’ confidence in the business, saying the retailer had been “very transparent” about the problem and had passed on information swiftly. | He dismissed fears of a hit to shoppers’ confidence in the business, saying the retailer had been “very transparent” about the problem and had passed on information swiftly. |
| Machin said M&S’s food was now selling well but that clothing and homeware sales in stores were “softer than we would like”, having been disrupted by the closure of the website. | Machin said M&S’s food was now selling well but that clothing and homeware sales in stores were “softer than we would like”, having been disrupted by the closure of the website. |
| He acknowledged that £300m – about two-thirds of which is down to lost clothing sales, according to analysts – “does sound like a big number” but described the hit as a “one-off” that was “not significant” to the business as a whole. | He acknowledged that £300m – about two-thirds of which is down to lost clothing sales, according to analysts – “does sound like a big number” but described the hit as a “one-off” that was “not significant” to the business as a whole. |
| Machin said there were no plans to offset the cost with job cuts or to reduce store refurbishments or openings, with nine new food stores and two full-line outlets planned this year. | Machin said there were no plans to offset the cost with job cuts or to reduce store refurbishments or openings, with nine new food stores and two full-line outlets planned this year. |
| The business is bringing forward IT investment and will carry out two years of work on updating its systems in six months, partly aided by the forced shutdown of its website and online distribution centre, which made bringing in new technology simpler. | The business is bringing forward IT investment and will carry out two years of work on updating its systems in six months, partly aided by the forced shutdown of its website and online distribution centre, which made bringing in new technology simpler. |
| Analysts said they expected to cut profit forecasts for this year by at least 10%. | Analysts said they expected to cut profit forecasts for this year by at least 10%. |
| The UK’s biggest clothing retailer, which also sells food and homeware, has been battling to recover for a month since its IT systems were hit over the Easter weekend. The attack forced M&S to stop orders via its website, through which it sells fashion, homeware and gifts, while deliveries of food and fashion into stores and some deliveries to its online food partner, Ocado, have also been disrupted. | The UK’s biggest clothing retailer, which also sells food and homeware, has been battling to recover for a month since its IT systems were hit over the Easter weekend. The attack forced M&S to stop orders via its website, through which it sells fashion, homeware and gifts, while deliveries of food and fashion into stores and some deliveries to its online food partner, Ocado, have also been disrupted. |
| Sign up to Business Today | Sign up to Business Today |
| Get set for the working day – we'll point you to all the business news and analysis you need every morning | Get set for the working day – we'll point you to all the business news and analysis you need every morning |
| after newsletter promotion | after newsletter promotion |
| M&S has admitted that some personal information relating to thousands of customers – including names, addresses, dates of birth and order histories – was taken in the cyber-attack. | M&S has admitted that some personal information relating to thousands of customers – including names, addresses, dates of birth and order histories – was taken in the cyber-attack. |
| Machin thanked customers and staff for their support. He said the business was now “focused on recovery, with the aim of exiting this period a much stronger business”. He said: “We started the new financial year as we finished the last, with sales growth ahead of budget across both businesses.” | Machin thanked customers and staff for their support. He said the business was now “focused on recovery, with the aim of exiting this period a much stronger business”. He said: “We started the new financial year as we finished the last, with sales growth ahead of budget across both businesses.” |
| The figures show that the cyber-incident interrupted a strong period of trading for M&S. Overall sales were up 6% to £13.9bn over the year to 30 March. Food sales rose almost 9% to £9bn, while fashion and homeware increased 3.5% to £4.2bn. | The figures show that the cyber-incident interrupted a strong period of trading for M&S. Overall sales were up 6% to £13.9bn over the year to 30 March. Food sales rose almost 9% to £9bn, while fashion and homeware increased 3.5% to £4.2bn. |
| The company did not give a figure for how much sales had fallen since the attack. | The company did not give a figure for how much sales had fallen since the attack. |
| After including one-off costs such as a £248.5m write down on the valuation of its Ocado Retail joint venture and £84m in costs of shutting and refurbishing stores the company’s pre-tax profits fell 24% to £511.8m. | After including one-off costs such as a £248.5m write down on the valuation of its Ocado Retail joint venture and £84m in costs of shutting and refurbishing stores the company’s pre-tax profits fell 24% to £511.8m. |
| The attack, which has been attributed to the hacking collective Scattered Spider, emerged days before similar cyber-attacks were reported against the Co-op and Harrods. | The attack, which has been attributed to the hacking collective Scattered Spider, emerged days before similar cyber-attacks were reported against the Co-op and Harrods. |