Business

M&S stock stabilises for barbecue weekend despite ongoing cyberattack disruption

Friday, 16 May 2025 12:22AM UTC

Marks & Spencer reports improving stock levels in stores ahead of the barbecue weekend, even as its online sales remain suspended following a damaging cyberattack by the Scattered Spider group that has cost the retailer millions and dented consumer confidence.

Marks & Spencer (M&S) has announced a regained sense of normalcy in its inventory levels just in time for the barbecue weekend, following a severe cyberattack that has plagued its operations since Easter. The company claims that stock availability is "looking better every day," with a focus on popular warmer weather items such as barbecues and fresh bakery goods. After experiencing significant disruption from the attack, M&S is keen to reassure customers that in-store access remains operational, allowing them to purchase needed items, even as online orders remain suspended.

The fallout from the cyber incident has been substantial, with M&S reported to be losing an estimated £43 million a week according to Bank of America analysis. Following the attack, which involved the hacking group known as Scattered Spider, M&S was forced to halt all online transactions, bringing total daily online sales, which typically reach £3.8 million, to a grinding halt. This disruption has not only affected their digital sales but has also caused significant logistical challenges, leading to empty shelves in various stores.

The company has maintained that its physical stores are unaffected by these issues, yet the impact on logistics has raised concerns about the efficiency of its supply chains. M&S has been collaborating with the UK's National Cyber Security Centre to investigate the breach and mitigate its consequences. Furthermore, they have issued warnings to their customers to be vigilant of potential phishing schemes, as the data compromised in the attack could result in fraudulent communications appearing to originate from M&S.

Other retailers have found themselves in similar situations, facing cyber threats from the same group. The Co-op, for instance, was able to limit its losses by quickly taking necessary precautions, including taking computers offline. In contrast, M&S has seen its shares tumble by more than 13 per cent since the incident, erasing over £1 billion from its market value, as the company continues to grapple with the ramifications of the attack.

In light of these complexities, consumer trust has become a pressing concern for M&S. Although the retailer has stated that no card or payment details were compromised, they have urged vigilance among customers who may receive unsolicited communications purportedly from the brand. This emphasizes the need for heightened cybersecurity measures not just within M&S but across the retail sector as a whole.

The situation serves as a stark reminder of the scale and frequency of cyberattacks in today's digital landscape, posing threats not only to corporate infrastructures but also risking personal data security across the consumer base. As M&S works to restore full functionality to its online services and reassure customers, the industry is left to reflect on the importance of robust cybersecurity measures in safeguarding against such disruptions.

Reference Map

Paragraph 1: ^[1]
Paragraph 2: ^[1], ^[3]
Paragraph 3: ^[2], ^[5]
Paragraph 4: ^[2], ^[4]
Paragraph 5: ^[6], ^[7]
Paragraph 6: ^[1], ^[3], ^[6]

Source: Noah Wire Services

More on this

https://www.dailymail.co.uk/money/markets/article-14716831/Cyber-crooks-wont-spoil-BBQ-weekend-says-M-S-claims-stock-levels-normal.html?ns_mchannel=rss&ns_campaign=1490&ito=1490 - Please view link - unable to able to access data
https://cybernews.com/news/marks-spencer-cyberattack-online-sales-down-phishing-customers/ - Marks & Spencer (M&S) suspended all online sales transactions following a cyberattack that disrupted their systems. The company acknowledged the incident and is working with cybersecurity experts to restore services. Customers are advised to be cautious of potential phishing attacks during this period. M&S emphasized that in-store operations remain unaffected, and physical stores continue to operate normally. The retailer is collaborating with the UK's National Cyber Security Centre (NCSC) to investigate the breach and mitigate its impact on customers and operations.
https://www.nationalworld.com/business/consumer/marks-and-spencer-cyber-attack-how-long-online-ordering-down-how-much-losing-day-5118983 - Following a cyberattack, Marks & Spencer (M&S) has suspended online ordering, leading to significant financial losses. The retailer's online sales, averaging £3.8 million per day, have been halted for several days. While in-store operations continue, the disruption has affected logistics, causing empty shelves in some locations. M&S is working to resolve the issues and has not provided a specific timeframe for restoring online services. The company is also investigating the cause of the attack and its broader implications on operations.
https://www.northumberlandgazette.co.uk/business/ms-marks-and-spencer-scattered-spider-online-cyber-attack-uk-shopping-5110689 - Marks & Spencer (M&S) experienced a cyberattack attributed to the hacking group Scattered Spider, leading to the suspension of online orders and disruptions in store operations. The attack, believed to be ransomware, has affected M&S's ability to process online transactions and impacted logistics, resulting in empty shelves in some stores. The retailer is collaborating with cybersecurity experts and authorities to investigate the breach and restore normal operations. Customers are advised to be vigilant for potential phishing attempts during this period.
https://www.nationalworld.com/business/consumer/marks-spencer-cyberattack-update-5114900 - Marks & Spencer (M&S) is dealing with the aftermath of a cyberattack that has disrupted online orders and in-store operations. The attack has led to the suspension of online services, including Click & Collect, and has affected logistics, causing empty shelves in some stores. M&S is working to resolve the issues and has not provided a specific timeframe for restoring online services. The company is also investigating the cause of the attack and its broader implications on operations.
https://slcyber.io/blog/scattered-spider-linked-to-marks-spencer-cyberattack/ - A significant cyberattack on British retailer Marks & Spencer (M&S) has been linked to the hacking group Scattered Spider, known for previous breaches at major companies. The attackers deployed ransomware to encrypt key M&S systems, leading to the suspension of online sales and disruptions in store operations. The incident has raised concerns about the retailer's cybersecurity measures and the potential impact on customer data. M&S is collaborating with cybersecurity experts and authorities to investigate the breach and restore normal operations.
https://www.nationalworld.com/business/marks-spencer-ms-stops-online-orders-after-cyber-attack-fallout-5100203 - Marks & Spencer (M&S) has temporarily suspended all orders through its website and mobile apps following a cyberattack. The retailer confirmed that the disruption has affected online services and in-store operations, including Click & Collect services and contactless payments. M&S is working to restore online and app shopping and has reassured customers that there is currently no need for them to take any action. The company is collaborating with cybersecurity experts and authorities to investigate the breach and mitigate its impact.

Noah Fact Check Pro

The draft above was created using the information available at the time the story first emerged. We’ve since applied our fact-checking process to the final narrative, based on the criteria listed below. The results are intended to help you assess the credibility of the piece and highlight any areas that may warrant further investigation.

Freshness check

Score: 9

Notes: The narrative discusses an ongoing cyberattack on Marks & Spencer since Easter, referencing current stock and sales impacts, making it timely and recent. No outdated references or recycled content were detected. The mention of collaboration with the UK's National Cyber Security Centre and recent share price drops corroborate contemporaneous events.

Quotes check

Score: 7

Notes: Direct quotes such as 'looking better every day' regarding stock levels appear to originate from M&S statements in the context of the cyberattack. No earliest original online source for these quotes was identifiable, suggesting these are recent direct quotes from M&S representatives rather than repeated citations.

Source reliability

Score: 6

Notes: The narrative originates from a widely recognised but tabloid-style publication, Daily Mail, known for broad reach but sometimes variable reliability. The story aligns with reports by other reputable outlets referenced (e.g., National World, CyberNews), lending some cross-verification, but Daily Mail’s editorial nature warrants moderate caution.

Plausability check

Score: 9

Notes: Claims about the cyberattack, financial impact, supply chain issues, and responses by M&S and other retailers are plausible and consistent with known cybersecurity tactics and recent news cycles. The involvement of the group Scattered Spider and warnings about phishing are credible. No extraordinary or unverifiable claims are present.

Overall assessment

Verdict (FAIL, OPEN, PASS): PASS

Confidence (LOW, MEDIUM, HIGH): HIGH

Summary: The narrative presents a current and plausible account of the M&S cyberattack with timely details and direct quotes likely from original statements. While the publication is not top-tier in journalistic reputation, cross-referenced details increase trustworthiness. The story aligns well with recent developments, supporting a high confidence rating.

Marks & Spencer
cyberattack
retail supply chain
online sales disruption
cybersecurity