Marks & Spencer (M&S) has paused all online orders following a significant cyber attack that has left the company working to restore its systems. The retailer confirmed the cyber incident earlier this week, after customers began experiencing issues with online services last weekend.
While some systems have been brought back online, others remain offline, forcing M&S to stop taking orders through its website and apps. This includes both food deliveries and clothing purchases. The company issued an apology for the inconvenience, acknowledging the disruption and stating that its team, supported by cyber experts, is working tirelessly to resolve the situation.
M&S took to social media to address customers, writing: “We are truly sorry for this inconvenience. Our experienced team, supported by leading cyber experts, is working extremely hard to restart online and app shopping. We are incredibly grateful to our customers, colleagues and partners for their understanding and support.”
Despite the online disruption, M&S has confirmed that its physical stores remain open and operational. This announcement follows earlier problems that affected the Click & Collect service and issues with gift card payments, both in-store and online.
The company further clarified that gift cards, e-gift cards, and credit receipts cannot currently be used as a payment method, either online or in-store. However, M&S reassured customers that any Click & Collect orders that had already been processed should still be available for pickup in stores. The company is holding all parcels until further notice to ensure no items are mistakenly returned.
The cyber attack has prompted M&S to report the incident to the National Cyber Security Centre (NCSC), which is providing support as part of the response. The National Crime Agency (NCA) is also involved, assisting the company in managing the situation.
This incident places M&S among several high-profile businesses that have recently experienced significant disruptions to their online services. Last year, Morrisons faced major issues with Christmas orders, leading to cancellations and problems with applying discounts. Additionally, the first months of this year saw major IT failures affecting the banking sector, with Barclays and Lloyds experiencing large-scale outages that disrupted their services, including payroll functions for businesses.
For now, M&S customers are advised to continue using in-store services while the company works to resolve the ongoing technical issues. The firm has emphasised its commitment to restoring online services as quickly as possible, with updates expected in the coming days.
As the situation unfolds, customers will likely continue to feel the impact of the cyber attack, particularly in relation to online shopping and payment processing. M&S has yet to provide a clear timeline for when it expects online orders to resume, but it remains focused on resolving the issue swiftly.
This incident highlights the growing concerns about cyber security for major retailers and businesses, as they increasingly become targets for cyber attacks. The scale of the disruption faced by M&S demonstrates the far-reaching consequences of such attacks, not just for companies, but for their customers and the wider economy.
