This article is from the source 'guardian' and was first published or seen on . The next check for changes will be
You can find the current article at its original source at https://www.theguardian.com/business/2025/jun/10/m-s-marks-and-spencer-website-online-orders-cyber-attack
The article has changed 5 times. There is an RSS feed of changes available.
| Version 2 | Version 3 |
|---|---|
| M&S resumes online orders six weeks after cyber-attack | |
| (about 1 hour later) | |
| Retailer estimated to have lost about £25m a week after it was forced to pause online shopping | Retailer estimated to have lost about £25m a week after it was forced to pause online shopping |
| Business live – latest updates | Business live – latest updates |
| Marks & Spencer has reopened its website to shoppers, six weeks after it was forced to halt online orders after a cyber-attack. | Marks & Spencer has reopened its website to shoppers, six weeks after it was forced to halt online orders after a cyber-attack. |
| On its website, M&S said customers “can now place online orders with standard delivery to England, Scotland and Wales”, while deliveries to Northern Ireland will resume in the coming weeks. | On its website, M&S said customers “can now place online orders with standard delivery to England, Scotland and Wales”, while deliveries to Northern Ireland will resume in the coming weeks. |
| It said it would also resume click and collect, next-day and nominated-day delivery and international ordering in the coming weeks. | |
| In a social media post, John Lyttle, the retailer’s managing director for fashion, home and beauty, said: “We are bringing back online shopping this week. A selection of our best-selling fashion ranges will be available for home delivery to England, Scotland and Wales from today. | In a social media post, John Lyttle, the retailer’s managing director for fashion, home and beauty, said: “We are bringing back online shopping this week. A selection of our best-selling fashion ranges will be available for home delivery to England, Scotland and Wales from today. |
| “More of our fashion, home and beauty products will be added every day and we will resume deliveries to Northern Ireland and click and collect in the coming weeks.” | “More of our fashion, home and beauty products will be added every day and we will resume deliveries to Northern Ireland and click and collect in the coming weeks.” |
| M&S added: “We’re working hard to resume these services as soon as possible.” | M&S added: “We’re working hard to resume these services as soon as possible.” |
| The company’s shares rose by more than 3% in early trading and were among the top risers on the FTSE 100. | The company’s shares rose by more than 3% in early trading and were among the top risers on the FTSE 100. |
| The retailer is estimated to have been losing about £25m in online clothing and homewares sales a week after it was forced to stop taking orders on its website within days of “threat actors” – thought to be a hacking collective known as Scattered Spider – gaining access to its systems over the Easter weekend. | |
| The company expects the hack to cost it up to £300m in profits this year, although about half of that is expected to be offset by insurance and other measures. It had previously said disruption to its website could last until July, and some online services are not expected to restart immediately. | The company expects the hack to cost it up to £300m in profits this year, although about half of that is expected to be offset by insurance and other measures. It had previously said disruption to its website could last until July, and some online services are not expected to restart immediately. |
| Shoppers have been able to browse online, and shop in M&S’s physical stores using cash or cards, for most of the period since the hack. | |
| However, stocks of food and clothing in stores have also been affected, meaning M&S has lost out during a busy period for retailers as a warm, sunny spring has driven an unexpected rise in household spending. | |
| M&S has also admitted that some personal information relating to thousands of customers – including names, addresses, dates of birth and order histories – was taken in the cyber-attack. | M&S has also admitted that some personal information relating to thousands of customers – including names, addresses, dates of birth and order histories – was taken in the cyber-attack. |
| Sign up to Business Today | Sign up to Business Today |
| Get set for the working day – we'll point you to all the business news and analysis you need every morning | Get set for the working day – we'll point you to all the business news and analysis you need every morning |
| after newsletter promotion | after newsletter promotion |
| Stuart Machin, the chief executive of M&S, has said he expects the retailer to recover “at pace”, helped by bringing forward investment in its IT systems and website as part of the systems rebuild forced on it by the hackers. | |
| Machin said last week that he “went into shock” when he was first told late at night about the ransomware attack. He insisted it did not cause a “crisis” but was more of “a setback, a bump in the road” for M&S. | |
| “I went into shock. It’s in the pit of your stomach, the anxiety. But you have to think: ‘Stuart, you have to lead this, you have to keep a cool head,’” Machin told the Mail on Sunday. As a result, the company will speed up efforts to overhaul its digital infrastructure, which was originally due to take three years but may now take a year and a half. | |
| “I have learned everyone is vulnerable. The hackers only need to be lucky once,” Machin said. | |
| The attack on M&S emerged days before cyber-attacks were reported by the Co-op and Harrods. More recently, the sportswear brand Adidas and the lingerie group Victoria’s Secret have also been targeted. | The attack on M&S emerged days before cyber-attacks were reported by the Co-op and Harrods. More recently, the sportswear brand Adidas and the lingerie group Victoria’s Secret have also been targeted. |