The supermarket giant M&S this week revealed that the Easter weekend cyber attack is expected to cost the company around £300million
Marks and Spencer has warned that ongoing disruption from its cyber attack last month could last until July. The supermarket was targeted last month on Easter weekend but shoppers are still currently unable to order from M&S online.
The supermarket this week revealed the cyber attack is expected to cost the company around £300million. Customer data, which could have included names, email addresses, addresses and dates of birth, was also taken by the hackers.
Here we explain what happened and what it all means for M&S shoppers.
What happened?
The retailer first noticed “suspicious activity” around its IT systems during the Easter weekend. The incident affected some payments, including contactless, while click and collect orders were impacted as well.
Its logistics and distribution systems were also disrupted, resulting in some empty shelves in stores. Most of these issues were sorted relatively quickly – but online orders on the M&S website remain paused for now.
Who is behind the cyber attack?
It has been reported that the cyber attack is being linked to hacking group Scattered Spider – with some of the hackers believed to be just teenagers.
Paul Foster, head of the National Crime Agency national cyber-crime unit, told the BBC: “We are looking at the group that is publicly known as Scattered Spider, but we’ve got a range of different hypotheses and we’ll follow the evidence to get to the offenders.”
M&S chief executive Stuart Machin told reporters that hackers gained access to its IT systems through a third party after “human error” rather than a weakness in the system.
He said: “Unable to get into our systems by breaking through our digital defences, the attackers did try another route, resorting to that term social engineering by entering through a third party.”
When will stores be back to normal?
M&S stores are largely back to normal in terms of stock availability, but online orders remain paused around four weeks after they were first halted.
Shoppers can still browse M&S products online – you just can’t make a purchase. M&S expects the disruption could continue into July.
Mr Machin said that around 85% of its range would be first made available online again, as it restores different parts of its online distribution network.
Do M&S shoppers need to worry?
The company has confirmed that personal customer data, including names, email addresses, addresses and dates of birth, were stolen in the attack.
Because of this, it is advised that shoppers take extra caution if they are contacted by someone who claims to be from M&S. In an email to shoppers, Jayne Wall, operations director at M&S, said there is no evidence that this data has been shared.
The data also does not include useable card or payment details, or any account passwords. The supermarket said shoppers will still be prompted to change their password next time they log in to their M&S account as a matter of caution.
M&S said: “You do not need to take any action, but you might receive emails, calls or texts claiming to be from M&S when they are not, so do be cautious.
“Remember that we will never contact you and ask you to provide us with personal account information, like usernames, and we will never ask you to give us your password.”
