M&S aims for full online restoration within four weeks following major cyber attack
The retailer’s CEO has set an August deadline to resolve the bulk of issues from the £300 million breach
Marks & Spencer (M&S) expects its online operations to be fully restored within the next four weeks as the retailer continues its recovery from a major cyber attack in April.
Speaking at the company’s annual general meeting, CEO Stuart Machin said the company hopes to have the “vast majority” of the incident’s impact resolved by August, the BBC reported.
The attack, which the company has attributed to “human error” and estimated will cost around £300 million in lost profit, forced M&S to halt online sales and has significantly disrupted its supply chain, including operations at its key Castle Donington distribution centre. The breach also resulted in the theft of customer personal data.
The announcement is the latest step in a multi-month recovery process. As ITPro has reported, the crisis first unfolded in April when M&S was forced to suspend all online orders.
M&S later confirmed in May that customer personal data had been compromised, linking the breach to a supply chain partner. By June, the full financial scale of the incident was revealed, with the warning of a £300 million profit hit and continued operational disruption.
While the main e-commerce site for Great Britain has partially resumed service, key functions like click-and-collect and next-day delivery remain offline.
The recovery timeline provides a critical update for a breach that has had a sustained operational and financial impact on one of the UK’s best-known retailers.
M&S fallout may continue beyond planned restoration date
Julius Cerniauskas, CEO of web intelligence firm Oxylabs, told ITPro that the incident highlights the persistent threat of social engineering.
“Investment alone isn’t a silver bullet," he said. "Attackers are constantly evolving their techniques, and social engineering – tricking people rather than systems – is still one of the most effective entry points.”
Cerniauskas noted that while a full operational recovery by August would be a “solid achievement,” the business impact can continue long after technical systems are restored.
"It’s not a question of if you'll be targeted - but when,” he added.
The fallout from the incident may also affect executive remuneration. According to reports from the Evening Standard, chairman Archie Norman confirmed that any drop in performance caused by the attack "will be taken into account with regards to incentive pay".
Norman added that the recovery is progressing, with "new systems coming back" each week.
Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.
MORE FROM ITPRO
-
European Commission opens public consultation on draft for high-risk AI guidelinesNews Guidance aims to help organizations and regulators decide whether their AI products and deployments need to conform to tougher rules
-
Microsoft reveals Surface Pro and Surface Laptop for BusinessNews New 13in Pro and Laptop claim big performance improvements and vast AI capabilities
-
Tycoon 2FA is down, but not out – researchers warn the phishing as a service operation is still a huge threat to businessesNews Millions of Tycoon 2FA attacks are still hitting businesses, according to research from Barracuda
-
German authorities want your help finding the hackers behind GandCrab and REvilNews Daniil Maksimovich Shchukin and Anatoly Sergeevitsch Kravchuk are believed to have made millions from ransomware as a service schemes
-
Interpol teams up with tech firms to seize 45,000 malicious IPs, servers in global cyber crime crackdownNews Operation Synergia III saw 94 arrests - and counting - with malicious IP addresses used in phishing and fraud schemes seized
-
The rise of teen hackers ‘makes for a good headline’, but cyber crime activities peak later in life
News With family responsibilities and mortgages to pay, it's not teenagers dishing out malware or carrying out cyber extortion
-
Cloudflare warns state-backed hackers are ‘weaponizing legitimate enterprise ecosystems’ as ‘living off the land’ attacks surge
News Chinese, North Korean, and Russian-backed threat groups now favor longer-term compromises over brute force attacks
-
DIY hackers are turning to ‘flat-pack’ malware components to speed up attacks and cut costsNews While these malware campaigns are very basic, researchers noted “they still work”
-
Security expert warns Salt Typhoon is becoming 'more dangerous' after Norwegian authorities lift lid on critical infrastructure hacking campaignNews The Chinese state-backed hacking group has waged successful espionage campaigns against an array of organizations across Norway.
-
The FBI has seized the RAMP hacking forum, but will the takedown stick? History tells us otherwiseNews Billing itself as the “only place ransomware allowed", RAMP catered mainly for Russian-speaking cyber criminals
