Marks & Spencer Group PLC (M&S), one of the UK’s most prominent retailers, has confirmed it is managing the aftermath of a cyberattack that disrupted parts of its payment and online order systems.
The company moved swiftly to address the breach, reassuring customers that stores remain open and digital platforms are functioning, albeit with some operational adjustments.
Swift Response and Ongoing Investigation
M&S disclosed that it became aware of the cyber incident in recent days and immediately enacted precautionary measures to protect both customers and the business.
These measures included minor, temporary changes to store operations. While the specific nature of the attack has not been detailed, the company emphasized that the safety of customer data and the continuity of service are top priorities.
External cybersecurity experts have been brought in to assist with the investigation and management of the incident. M&S is also taking additional steps to strengthen its network defenses and ensure continued customer service.
The company has reported the breach to the relevant data protection supervisory authorities as well as the UK’s National Cyber Security Centre, underscoring the seriousness with which it is treating the event.
Customer Impact and Communication
Despite the disruption, M&S has confirmed that all stores remain open and that both its website and mobile app are operating as normal.
However, some customers may have experienced temporary inconvenience due to the protective changes made in response to the incident.
The company expressed regret for any disruption caused and reiterated its commitment to transparency, promising to provide updates should the situation evolve.
Customer trust remains central to M&S’s response.
The company’s statement highlighted that maintaining the security of customer information is of utmost importance, and that every effort is being made to minimize further impact.
M&S has encouraged any concerned customers to reach out to its Investor Relations or Corporate Press Office for more information.
Business Continuity and Upcoming Results
The cyberattack comes at a critical time for M&S, with its financial year having ended on 29 March 2025.
The retailer is scheduled to announce its full-year results on 21 May 2025, and stakeholders will be watching closely to see if the incident has any material impact on performance or customer confidence.
As investigations continue, M&S’s handling of the situation will be scrutinized as a test of its resilience and commitment to data security.
The company’s proactive engagement with authorities and cybersecurity experts signals a robust approach to crisis management, aiming to restore full confidence among its customers and investors.
Find this Story Interesting! Follow us on LinkedIn and X to Get More Instant updates
%20(1).webp?w=1200&resize=1200,0&ssl=1&description=The company moved swiftly to address the breach, reassuring customers that stores remain open and digital platforms are functioning){kind=link}