M&S hacking: Marks & Spencer faces over $400 million cyberattack bill, Online sales hit until July

TOI Tech Desk / TIMESOFINDIA.COM / May 21, 2025, 14:24 IST

Text Size

Small
Medium
Large

Marks and Spencer (M&S) faces a significant financial blow, projecting a 300 million pound loss due to a recent cyberattack that compromised customer data and disrupted online services. The retailer paused online orders and anticipates disruptions through July. Investigations suggest hackers may have gained access through third-party routes, impacting online sales and trading profit.

Marks & Spencer

Marks and Spencer (M&S) announced on Wednesday (May 21) that a cyberattack impacting its online services is projected to cost the group 300 million pounds ($404 million) and will likely cause disruption through July. Last week, the British retailer disclosed that personal customer data had been stolen in a cyberattack, which has already crippled its online operations for several weeks."In Fashion, Home & Beauty, online sales and trading profit have been heavily impacted by the necessary decision to pause online shopping, however stores have remained resilient," M&S noted in a statement (via news agency AFP). The company anticipates that "online disruption to continue throughout June and into July as we restart, then ramp up operations."The estimated impact on the annual group operating profit is "around 300 million pounds," which M&S expects to mitigate through cost management, insurance and other trading actions.

Hackers may have gained entry via third party

According to reports, the hackers behind the cyberattack on M&S may have gained access to the systems via third-party routes. DragonForce - the name the hackers are using - was reportedly behind the hacking the Co-op and an attempted hack on Harrods.

Soon after the hacking, the brand paused taking orders via website and apps."As part of our proactive management of a cyber incident, we have made the decision to pause taking orders via our M&S.com websites and apps. Our product range remains available to browse online. We are truly sorry for this inconvenience. Our stores are open to welcome customers," it said in a statement.M&S confirmed that stolen information could include names, dates of birth, home addresses, and telephone numbers, but emphasised that "useable payment or card details" and account passwords were not compromised.

M&S announces quarterly results

The announcement coincided with M&S reporting an operating profit before adjusting items of 985 million pounds for its financial year ending in March. Following this update, the company's share price fell by 2.5% at the opening of trading in London.

AI Masterclass for Students. Upskill Young Ones Today!– Join Now

About the Author

TOI Tech Desk

The TOI Tech Desk is a dedicated team of journalists committed to delivering the latest and most relevant news from the world of technology to readers of The Times of India. TOI Tech Desk’s news coverage spans a wide spectrum across gadget launches, gadget reviews, trends, in-depth analysis, exclusive reports and breaking stories that impact technology and the digital universe. Be it how-tos or the latest happenings in AI, cybersecurity, personal gadgets, platforms like WhatsApp, Instagram, Facebook and more; TOI Tech Desk brings the news with accuracy and authenticity.

End of Article