Massive Cyber-Attack Halts Marks & Spencer Operations

Marks & Spencer experienced a massive cyberattack that completely halted its online operations, including website and app transaction processing. While customers could still browse products, all new orders were suspended as a precautionary measure stores remained open for in-person shopping.
The breach, which began during the Easter weekend, also disrupted click-and-collect services, contactless payments, and other in-store functionalities. M&S relied on manual processes to keep certain operations running while experts investigated the incident
It was later confirmed that the attack was a ransomware incident orchestrated by the Scattered Spider group, who exploited social engineering tactics posing as legitimate employees to trick a third-party service provider into granting access credentials.
The consequences were substantial: M&S faced estimated losses of around £300 million (approximately US$400 million), making this one of the costliest cyber-incidents in UK retail history.