- M&S is still dealing with the fallout of the cyberattack that hit its digital services
- Online orders remain paused three weeks after the hack took place
- Customer data stolen includes contact details but no passwords or payment information
Three weeks after Marks & Spencer was hit by a cyberattack, the retailer is still working to restore full services.
Online orders remain suspended, and the company has now confirmed that some customer data was stolen during the breach. The information taken may include names, addresses, phone numbers, dates of birth, and order histories. According to the company, no account passwords or usable payment details were exposed.
The attack has had a visible impact on M&S. Its market capitalization has dropped by around £1 billion since the incident, and while in-store shopping and contactless payments have resumed, the website and app are still offline for ordering.
Continued disruption
If you visit the site now, a message states, “As part of our proactive management of a cyber incident, we have made the decision to pause taking orders via our M&S.com websites, apps and over the phone. Our product range remains available to browse online. We are truly sorry for this inconvenience. Our stores are open to welcome customers.”
The hackers used a known cybercrime service called DragonForce, which provides tools for ransomware attacks. This group is associated with a method known as double extortion - stealing data and also encrypting it to pressure victims into paying a ransom.
M&S said it acted quickly to contain the breach, working with cybersecurity experts and notifying relevant authorities. Customers have been emailed about the incident and are being prompted to reset their passwords as a precaution.
So far, DragonForce’s darknet platform has not posted any leaked M&S data, but experts note there is still a risk of future exposure or sale.
The retailer has not confirmed how many individuals were affected, though its most recent annual report listed 9.4 million active online users.
Other UK retailers have also been targeted recently, including Co-op and Harrods. Co-op, which experienced a similar incident, is reportedly closer to resuming online operations for its suppliers.
M&S has apologized for the disruption and reassured customers that steps are being taken to secure systems. Despite this, it remains unclear when full online functionality will return.
You might also like
- Take a look at our picks for the best malware removal software around
- Check out our choice for best antivirus software
- Customer data stolen in M&S cyberattack
:quality(85):upscale()/2025/05/13/027/n/43463692/d67a3f8f6823d82fe85751.36590048_.jpg)
English (US) ·