British retail giant Marks & Spencer has confirmed a cybersecurity incident that has caused ongoing disruption across its operations, including store systems and customer services. The company informed customers on Tuesday via a notice signed by CEO Stuart Machin, stating it has been “managing a cyber incident” for several days and has taken operational measures to protect customers and the business.
Disruptions and Investigations Underway
While Marks & Spencer’s website and mobile app remain operational, several customers have reported technical issues at physical locations. Some said they were unable to use payment card terminals, while others experienced problems with order pick-ups and click-and-collect services. The company began limiting contactless payments and store services on Monday, though contactless functionality has since been restored, according to company spokesperson Lucy Reynolds.
Despite repeated questions, the company has not disclosed the nature of the cyberattack, whether any data was compromised, or if any ransom demand was made.
In a regulatory filing with the London Stock Exchange, Marks & Spencer confirmed it had engaged external cybersecurity experts and notified data protection regulators. The company has yet to issue a public explanation of the incident’s cause or scope.
Marks & Spencer responded to a customer complaint on X (formerly Twitter), saying it is “working hard to resolve some technical issues in our stores.”
As outlined in its 2024 annual report, Marks & Spencer serves 32 million customers annually, highlighting the potential scale of impact if customer data or services are affected. Customers are advised to monitor official communications for further updates.
