Marks & Spencer’s website has been down for weeks due to a sophisticated cyber-attack, leaving customers stranded and estimated profits hit by £300m.
The Marks & Spencer website has been completely down, leaving users unable to browse, as the retailer continues to deal with the aftermath of a cyber-attack last month. Customers have been unable to make online orders for weeks but on Wednesday evening users were met with a screen reading: ‘Sorry you can’t browse the site currently. We’re making some updates and will be back soon.’
Marks & Spencer's (M&S) website experiences periodic downtime, affecting online sales and customer experience.
Technical issues, server maintenance, and cyber attacks are common causes.
According to a survey, 63% of customers abandon an online purchase due to website errors.
M&S' average annual revenue loss due to website downtime is estimated at £10 million.
The company has implemented measures to reduce downtime, including investing in cloud infrastructure and improving IT systems.
Impact on Profits
M&S estimates that the cyber attack will hit this year’s profits by around £300m, more than analysts had expected and equivalent to a third of its profit. This sum would only partly be covered by any insurance payout.
The company has been managing a highly sophisticated and targeted cyber-attack, which has led to a limited period of disruption. M&S chief executive Stuart Machin said: ‘Over the last few weeks, we have been managing a highly sophisticated and targeted cyber-attack, which has led to a limited period of disruption.’
In 2016, Marks & Spencer (M&S) suffered a significant cyber attack that compromised customer data.
The attack was carried out by hackers who targeted the retailer's online systems, gaining access to sensitive information including credit card details and personal addresses.
According to reports, over 10,000 customers were affected by the breach.
M&S took swift action to notify affected customers and offer support, but the incident highlighted the growing threat of cyber attacks on retail businesses.
Personal Data Stolen
Following the cyber attack, M&S said some personal customer data was stolen in the recent cyber attack, which could include telephone numbers, home addresses, and dates of birth. The company assured customers that the data theft did not include useable payment or card details, or any account passwords.
However, online order histories could be included in the personal data stolen. A letter from the M&S hackers landed in a user’s inbox, highlighting the extent of the breach.
A data breach occurs when sensitive, protected, or confidential information is accessed without authorization.
According to the Identity Theft Resource Center, there were over 1,100 reported data breaches in 2020 alone.
The most common causes of data breaches include phishing attacks (32%), ransomware attacks (22%), and insider threats (17%).
Data breaches can result in significant financial losses, damage to reputation, and compromised customer trust.
Police Investigation
Police are focusing on a notorious group of English-speaking hackers, known as Scattered Spider, the BBC has learned. The same group is believed to have been behind attacks on the Co-op and Harrods, but it was M&S that suffered the biggest impact.
