- M&S facing ongoing disruption after a cyberattack
- The attack has affected contactless payment and Click and Collect systems
- It's still not clear if any customer data is affected
British retail giant Marks and Spencer has had to take some systems and processes offline after suffering a cyberattack which disabled contactless and Click and Collect services in stores.
The disruption has now continued for several days, with many stores still unable to process contactless payments, and Click and Collect now paused in all stores. New updates have confirmed that M&S has now halted online orders as it deals with the attack, The Independent reports.
The retailer confirmed in a statement that in order to protect colleagues, partners, suppliers, and the business, M&S has “made the proactive decision to move some [of our] processes offline”, which would be consistent with the response to a ransomware attack - although its not yet clear if this is the case.
Retail at risk
Physical stores, the website, and the M&S App are still up and running, but this disruption could be seriously costly for a store as big as this - as operational losses and damage to reputation for stores can be costly.
The retail industry is a common target for cybercriminals, as even a few hours of downtime can cost millions of dollars, making firms more likely to pay a ransom, and therefore more vulnerable.
Earlier in 2025, Walmart membership programme ‘Sam’s Club’ was hit with a ransomware attack that reportedly affected thousands of staff - illustrating the sector’s vulnerability.
“The retail industry is operating on a very small profit margin, and therefore the amount of attention or budget they can give to addressing their cybersecurity posture is usually scarce,” explains Pierre Noel, Field CISO EMEA at Expel.
“To address this, retailers must implement a continuous cyber risk quantification programme. One of its outcomes is to generate and price credible incident scenarios, as well as to identify mitigating controls and their associated costs. This information is very meaningful for senior executives and the board, communicates effectively, and places the responsibility on them to determine which risks are acceptable and which are not.”
You might also like
- Take a look at our picks for the best malware removal software around
- Check out our choice for best antivirus software
- Starbucks has gone back to pen and paper after vendor ransomware attack
