- Marks & Spencer is facing the aftermath of a cyberattack that disrupted its digital operations
- Three weeks later, online orders are still not available
- While customer contact data was breached, payment information and passwords remain secure
Marks & Spencer continues to grapple with the impact of a cyberattack that occurred three weeks ago, leading to significant service disruptions.
The retailer has confirmed that its online ordering system is still inactive following the incident. Compromised customer information includes names, telephone numbers, and addresses, although account passwords and credit card details were not exposed.
This cyber incident has visibly affected M&S, with an estimated decline of around £1 billion in its market value. While shoppers can still make purchases in-store and use contactless payment options, the website and mobile app remain offline for order placement.
Persistent Issues
Current visitors to the M&S website will encounter a message indicating that the company has paused all online ordering as a precautionary measure following the cyber event. They express genuine regret over the inconvenience caused while confirming that stores remain open for business.
The cybercriminals involved have reportedly utilized a hacking service named DragonForce, infamous for offering tools for ransomware attacks. This group is known for its “double extortion” tactic—securing data while simultaneously encrypting it to force victims into paying a ransom.
In response to the breach, M&S took immediate action by working with cybersecurity experts and alerting relevant authorities. The company proactively contacted affected customers via email to inform them of the situation and recommended resetting their passwords as a precautionary action.
At this point, there has been no evidence of any M&S data being listed on DragonForce’s darknet marketplace, though cybersecurity specialists caution that the risk of potential data exposure or resale still looms.
The retailer has not released specific figures regarding how many individuals have been impacted, but its most recent report indicated a customer base of 9.4 million active users.
Other retailers in the UK, such as Co-op and Harrods, are also confronting similar cyber threats. Co-op, which faced a comparable incident, is reportedly making progress towards restoring its online services for suppliers.
M&S has publicly expressed remorse for the disruption its consumers are experiencing and has pledged to implement measures designed to bolster security across its systems. However, a definitive timeline for the restoration of full online functionalities remains unknown.
