Marks & Spencer resumes online orders after 46-day cyberattack pause
Majority of M&S clothing range available for home delivery but ‘cyber incident’ likely to sap £300m of profit
10 June 2025 - 15:37
byJames Davey and Paul Sandle
Support our award-winning journalism. The Premium package (digital only) is R30 for the first month and thereafter you pay R129 p/m now ad-free for all subscribers.
A Marks and Spencer logo in Cheshire, Britain. Picture: REUTERS/JASON CAIRNDUFF
London — British retailer Marks & Spencer resumed taking online orders for clothing lines on Tuesday after a 46-day hiatus following a cyberattack.
Shares in M&S, one of the best-known names in British business, were up 3.5% after it restarted standard home delivery in England, Scotland and Wales for the majority of its clothing range.
“It’s not the full range at the moment. We’ve focused on best sellers and newness,” an M&S spokesperson said.
“We’ll be bringing product online everyday so customers will see that grow over the coming days.”
M&S said delivery to Northern Ireland will resume in the “coming weeks”, as will click and collect services, next-day delivery, nominated-day delivery and international ordering.
The 141-year-old M&S stopped taking clothing and home orders through its website and app on April 25 after problems with contactless pay and click and collect services over the Easter holiday weekend.
It first disclosed it had been managing a “cyber incident” on April 22.
M&S said last month it expected online disruption to continue into July and forecast the attack would cost it about £300m in lost operating profit in its 2025/26 financial year, though it hopes to halve the impact through insurance and cost control.
The disruption to systems also affected M&S’s ability to get food and clothing into stores, which meant it lost out on demand boosted by warm and sunny weather.
Analysts have predicted the end-of-season clothing sale will be larger than normal and with deeper discounts.
Taking account of Tuesday’s rise, M&S shares are down 9.5% since it disclosed the attack.
M&S said hackers broke into its systems by tricking employees at a third-party contractor, skirting its digital defences to launch a cyberattack.
The group has said it will use the crisis to accelerate improvements to its technology.
In recent weeks, several other major retailers across the globe have disclosed cyber incidents, including UK grocer the Co-op Group, German sportswear group Adidas, luxury jeweller Cartier and US lingerie company Victoria’s Secret.
Support our award-winning journalism. The Premium package (digital only) is R30 for the first month and thereafter you pay R129 p/m now ad-free for all subscribers.
Marks & Spencer resumes online orders after 46-day cyberattack pause
Majority of M&S clothing range available for home delivery but ‘cyber incident’ likely to sap £300m of profit
London — British retailer Marks & Spencer resumed taking online orders for clothing lines on Tuesday after a 46-day hiatus following a cyberattack.
Shares in M&S, one of the best-known names in British business, were up 3.5% after it restarted standard home delivery in England, Scotland and Wales for the majority of its clothing range.
“It’s not the full range at the moment. We’ve focused on best sellers and newness,” an M&S spokesperson said.
“We’ll be bringing product online everyday so customers will see that grow over the coming days.”
M&S said delivery to Northern Ireland will resume in the “coming weeks”, as will click and collect services, next-day delivery, nominated-day delivery and international ordering.
The 141-year-old M&S stopped taking clothing and home orders through its website and app on April 25 after problems with contactless pay and click and collect services over the Easter holiday weekend.
It first disclosed it had been managing a “cyber incident” on April 22.
M&S said last month it expected online disruption to continue into July and forecast the attack would cost it about £300m in lost operating profit in its 2025/26 financial year, though it hopes to halve the impact through insurance and cost control.
The disruption to systems also affected M&S’s ability to get food and clothing into stores, which meant it lost out on demand boosted by warm and sunny weather.
Analysts have predicted the end-of-season clothing sale will be larger than normal and with deeper discounts.
Taking account of Tuesday’s rise, M&S shares are down 9.5% since it disclosed the attack.
M&S said hackers broke into its systems by tricking employees at a third-party contractor, skirting its digital defences to launch a cyberattack.
The group has said it will use the crisis to accelerate improvements to its technology.
In recent weeks, several other major retailers across the globe have disclosed cyber incidents, including UK grocer the Co-op Group, German sportswear group Adidas, luxury jeweller Cartier and US lingerie company Victoria’s Secret.
Reuters
International business briefs: Swiss consumer prices decline in May
Marks & Spencer online taking time to recover after costly cyberattack
Coinbase says cyberattack could cost it up to $400m
Harrods becomes third high-profile British retailer targeted by cyberattack in two weeks
Marks & Spencer tells some staff to stay home amid cyberattack
Would you like to comment on this article?
Sign up (it's quick and free) or sign in now.
Please read our Comment Policy before commenting.
Most Read
Related Articles
Budget retailer Dollar General posts strong sales, lifts annual targets
Shein aims to list in Hong Kong as London IPO stalls, sources say
Pernod Ricard cognac chief replaced after sales tumble
Home Depot beats quarterly sales forecasts
Published by Arena Holdings and distributed with the Financial Mail on the last Thursday of every month except December and January.