M&S Cyberattack Disrupts Online Orders and Operations
Hundreds of Agency Staff Sent Home
Key Points:
- M&S hit by major cyberattack, prompting service suspensions
- Hundreds of agency workers told not to come into work
- Online orders paused, gift cards and contactless payments disrupted
- Growing customer frustration over communication and delivery delays
- Reputational risks mounting as cyber experts work around the clock
M&S Faces Online Chaos Following Major Cyberattack
Marks & Spencer (M&S) has been thrown into operational turmoil following a serious cyberattack that has affected its online services and logistics. As the retailer battles to contain the damage, hundreds of agency workers at its Castle Donington distribution centre in the East Midlands have been told to stay at home.
The site, responsible for clothing and homeware distribution, is heavily reliant on temporary staff—who make up around 20% of its workforce. M&S’s permanent employees are continuing to work at the facility, but the disruption has already impacted deliveries, online orders, and customer satisfaction.
Online Orders Suspended – Limited Communication Frustrates Shoppers
Since disclosing the cyberattack last week, M&S has halted online orders and suspended certain services, including gift card payments and parcel tracking. The company has provided minimal details on the nature of the incident, stating only that it is being managed “proactively” with help from cybersecurity experts.
Customers, however, are growing increasingly frustrated with the lack of communication. Some told the BBC they were left in the dark after orders failed to arrive or were cancelled.
Linda Sonntag from Norwich said her flower order never arrived, and she had to reorder from a different provider. “I don’t blame them for the cyberattack,” she said, “but their attitude towards customers hasn’t been helpful.”
Dawn Cunnington from Exeter reported a similar issue with a birthday flower delivery. “I received no update until I phoned them,” she said, though M&S did issue a refund and apology voucher.
Share Price Falls as Analysts Highlight Reputational Risks
M&S shares dropped 2.4% on Monday, following a near 10% decline last week, as investors expressed concern over the company's silence and slow recovery.
Experts are warning of significant reputational damage, especially as nearly one-third of M&S’s clothing and homeware sales come from online channels, worth an estimated £1.27 billion annually.
“Customers may now question whether their personal and financial details are safe,” said Dan Coatsworth, investment analyst at AJ Bell. “Trust is central to M&S’s brand, and that’s at risk if the situation drags on.”
Cybersecurity Teams Working Non-Stop to Contain Threat
While the company hasn’t disclosed specifics, it is believed that cybersecurity teams are working around the clock to identify and remove any threats from M&S’s systems. Experts suggest servers linked to ordering, payment, and logistics may have been taken offline to isolate the breach and prevent further spread of malicious software.
Sam Kirkman from NetSPI said: “Taking services offline may appear drastic, but it’s a key containment strategy. In-store services are often prioritised, meaning online recovery takes longer.”
Conclusion
The ongoing cyberattack has dealt a significant blow to Marks & Spencer’s digital operations, with customer confidence, sales, and investor trust all now under pressure. While physical stores remain open, the pause in online activity and poor communication have left many shoppers disappointed.
As cybersecurity specialists work to restore systems, M&S faces an uphill battle to rebuild customer trust and resume normal operations. The speed and transparency of its next steps will be crucial in protecting its long-established reputation.
Sources: (BBC.co.uk, Sky.com)
