Summary
Marks & Spencer experienced a cyber-attack in April, accessed through a third party, affecting millions of pounds in sales and causing a pause in online orders. The retailer also reported the theft of some personal customer data, while efforts continue to restore their online systems.
Key Facts
- M&S was hit by a cyber-attack in April, accessed through a third party who could enter its systems.
- The company stopped taking online orders for over three weeks, leading to millions of pounds in lost sales.
- The hackers, calling themselves DragonForce, claim to have also targeted the Co-op and attempted to hack Harrods.
- Bank of America estimates M&S lost over £40 million in sales weekly since the attack.
- M&S shut down many IT operations to manage the attack, causing some stores to have empty shelves.
- About a third of M&S's sales depend on its online systems, which they are working to fully restore.
- Personal customer data, like names and contact information, was stolen, but complete card details were not accessible.
- M&S announced its stores are now stocked more normally, and operations are gradually resuming.
