British retailer Marks & Spencer (M&S) has recommenced online clothing orders after a 46-day disruption caused by a cyber incident.
The retailer confirmed in a LinkedIn post that it has reinitiated standard home delivery across England, Scotland and Wales for most of its clothing range.
Go deeper with GlobalData
On 25 April 2025, the retailer ceased taking clothing and home orders via its website and app following the cyber incident. The attack also affected its in-store operations, including the contactless payment system and the collection of online orders during the Easter holiday weekend.
M&S first reported managing a “cyber incident” on 22 April and later confirmed that customer data, including online order histories, had been compromised.
The company is gradually reintroducing products online, with the spokesperson adding: “we’ll be bringing product online every day so customers will see that grow over the coming days”.
Delivery to Northern Ireland and additional services such as click and collect, next-day delivery and international ordering are expected to resume in the “coming weeks.”
US Tariffs are shifting - will you react or anticipate?
Don’t let policy changes catch you off guard. Stay proactive with real-time data and expert analysis.
By GlobalDataThe cyber attack is estimated to have caused losses of £300m ($388.3m) in operating profit for the financial year 2025/26. M&S is seeking to mitigate the impact through insurance and cost control measures.
The systems disruption also led to challenges in stocking food and clothing, particularly during a period of high demand due to favourable weather conditions.
M&S has acknowledged that the attack was carried out by targeting employees at a third-party contractor, circumventing its digital defences.
The retailer is focusing on using this crisis to expedite technological improvements, and has stated in its financial results release: “In the light of the recent cyber incident, we are using the disruption to bring forward investment, rephasing the original programme, accelerating plans to upgrade infrastructure and network connectivity, store and colleague technology, and supply chain systems.
“This will reduce the inter-dependency of systems and improve operational resilience. Our overall aim remains the same, to improve technology foundations, simplify infrastructure and applications, to increase resilience further and lower technology run costs.”
The cyberattack on M&S is not an isolated case. Several other global retailers have recently reported similar incidents, including the Co-op Group in the UK and Adidas, Cartier and Victoria’s Secret in the US.
