Marks & Spencer Cybersecurity Incident - Updates & Information

Marks & Spencer Addresses Cybersecurity Incident and Service Disruptions

Marks & Spencer, a leading retail company, has publicly acknowledged a recent cybersecurity incident. This confirmation follows reports from customers experiencing ongoing disruptions and system outages.

Incident Details and Company Response

The retailer, headquartered in Britain, informed its customer base on Tuesday about the ongoing management of a cyber incident spanning several days. A notice, reviewed by TechCrunch, was signed by chief executive Stuart Machin.

Machin stated that operational adjustments were implemented as a precautionary measure to safeguard both customers and the integrity of the business.

Operational Status

Despite the incident, Marks & Spencer maintains that its physical stores are currently open to the public. Furthermore, the company reports that its website and mobile application are functioning without interruption.

Regulatory and Expert Involvement

A filing submitted to the London Stock Exchange revealed that Marks & Spencer has enlisted the assistance of specialized external cybersecurity experts. These experts are actively investigating the nature and scope of the incident.

Data protection authorities have also been notified, adhering to regulatory requirements.

Uncertainties Regarding the Attack

At this time, the specific details of the cyberattack remain unclear. It is currently unknown whether customer data has been compromised as a result of the incident.

Customer Reports of Outages

Several customers have reported issues, including failures with in-store payment card terminals. Similar outages and disruptions to order pick-up services have been documented by other customers on various social media platforms.

Operational Limitations and Restoration

According to Marks & Spencer spokesperson Lucy Reynolds, the company initiated limitations on certain operations beginning Monday. These included restrictions on store click and collect pick-ups and temporary suspension of contactless payment options.

Reynolds confirmed that contactless payment functionality has since been restored.

Limited Disclosure

The spokesperson declined to provide further details concerning the specifics of the cyberattack.

Customer Communication

In a response to a customer inquiry on X, Marks & Spencer indicated that efforts are underway to resolve technical issues affecting some of its stores.

Customer Base

Marks & Spencer’s 2024 annual report indicates the company serves approximately 32 million customers annually.

This article has been updated to include responses received from Marks & Spencer.