M&S stops online orders as 'cyber incident' issues worsen
- Reference: 1745597619
- News link: https://www.theregister.co.uk/2025/04/25/ms_halts_online_orders/
Contactless payments were halted earlier this week and Click & Collect orders temporarily suspended, yet until today M&S insisted it was continuing to support website and app orders.
"As part of our proactive management of a cyber incident, we have made the decision to pause taking orders via our M&S.com websites and apps," the company said in a statement.
"Our product range remains available to browse online. We are truly sorry for this inconvenience. Our stores are open to welcome customers.
"We informed customers on Tuesday that there was no need for them to take any action. That remains the case, and if the situation changes we will let them know.
"Our experienced team – supported by leading cyber experts – is working extremely hard to restart online and app shopping.
"We are incredibly grateful to our customers, colleagues, and partners for their understanding and support."
Among the various issues shoppers continue to face, in addition to those already stated, are an inability to redeem gift cards, store receipts not appearing in loyalty card accounts, and self-serve return kiosks being unavailable.
M&S's issues [5] began on Saturday with returns and Click & Collect orders experiencing problems. The retailer disclosed the "cyber incident" to the London Stock Exchange on Tuesday.
It said it had informed the Information Commissioner's Office and National Cyber Security Center, but has declined to answer additional questions from The Register, referring us back only to its official statements.
[7]Oracle says its cloud was in fact compromised
[8]This is not just any 'cyber incident' … this is an M&S 'cyber incident'
[9]M&S takes systems offline as 'cyber incident' lingers
[10]ICO 'making enquiries' into bizarre shopper data spill at M&S
William Wright, CEO at Closed Door Security, said that although M&S continues to assure customers that they don't need to take any action, they should be alert to any phishing attempts.
"M&S customers should keep an eye on their online accounts and bank statements, and also be on guard for [11] phishing," he said.
"We don't know if criminals have accessed any customer data, but it's always safer to be on guard.
"Furthermore, attackers will also use the incident to send out phishing emails, which are designed to look like genuine communications in relation to the incident but are actually aimed at tricking recipients into handing out their personal or financial information.
"It is essential that online users take note of this threat and treat all communications with caution." ®
[5] https://www.theregister.com/2025/04/22/marks_spencer_cyber_incident/
[7] https://www.theregister.com/2025/04/08/oracle_cloud_compromised/
[8] https://www.theregister.com/2025/04/22/marks_spencer_cyber_incident/
[9] https://www.theregister.com/2025/04/24/marks_spencer_outage_ongoing/
[10] https://www.theregister.com/2015/10/28/ico_looking_into_ms_data_spaff/
[11] https://www.theregister.com/2025/04/25/darcula_ai/
@Doctor Syntax - yes, you do expect the sensible cause of action is "fear the worst" when it is ransomware (or whatever "infection") - no matter how good you think your threat monitoring setup is, if a part of your system has been broken into then it is a cause for concern & shutting off other things is sensible as
a) they may be infected & you have not noticed
b) not infected, but given time the attackers will likely compromise that too, so pull the plug before that happens.
... Yes it is a massive business expense being cautious, but the optimistic approach they have taken does not seem to be working that well
"I wonder how many of their customers still carry cash."
That would be me. Always have some cash with me when shopping.
Might be worth mentioning that they were not redeeming credit notes in addition to all the other stuff on Monday last at least. I always manage to pick the till queue that has someone ahead of me with a major problem...
That would be me. Always have some cash with me when shopping.
Me as well. Those new people need to learn the wisdom of the old fellas.
No cash here
I happened to have forgotten my wallet yesterday: my wife messaged me to tell me, and to ask me to pick up some food on the way home. M&S was easiest, so I ended up leaving twenty quids' worth at the till as I only had my phone on me; luckily there's a Sainsbury's sharing the same carpark who were happy to take my money. I doubt this is a major problem for M&S, as "old and middle class enough to shop in M&S, hipster enough to only carry a phone" is a tiny intersection, and even in this case it happened to be the first day probably in twenty years I hadn't got my wallet on me.
Had I had a card on me I would have been reluctant to insert it in their machine (fnarr), as if their IT is so screwed they can't accept contactless I wonder just how well they're going to process and protect my non-contactless data. The "whataboutcash" argument strikes me as a little besides the point: shops whose IT collapses to the point they can't accept contactless or card probably can't process stock transactions either, and without the ability to monitor in-store stock by counting sales they're in a world of pain greater than the small advantage of accepting cash. And in any event, few stores have the facilities to handle significant amounts of cash above the current, low, level of use.
Re: No cash here
M&S grocery stores have very few "human" tills left. The vast majority of transactions are cashless using the self-service tills.
So that's the grocery business crippled - but not closed.
The clothing and home part of the business has basically nothing that's under £20, and nobody carries more than £50 with them these days.
So that's the rest of the business closed entirely.
This incident is going to borderline bankrupt them.
Re: No cash here
There's M&S branches I can think of with anything from almost no to large numbers of cash-capable tills.
But as you say, few people carry any significant amount of cash and even in M&S's demographic a lot will carry essentially none.
So once a store is down to cash-only, even if it has the physical capability to handle it (some do) and even if it has the logistic and operational ability to handle it (most won't) the fact that people simply don't carry much cash will kill them. Loss of contactless while card remains working is less serious, because phone-only hipsters are rare.
Re: No cash here
M&S grocery stores have very few "human" tills left. The vast majority of transactions are cashless using the self-service tills.
There may be regional differences.
The ones round here (Gloucestershire/Warwickshire/Worcestershire) still have a decent mix of both types of tills. On Thursday morning they were still taking contactless payments without problems. In the cafe they apologised for the till being a bit slow, but explained that a cash payment wouldn't be any faster, the whole system was slow (but working). The self-service tills were running fine, with contactless payments.
manual systems now in force
contactless failed wednesday... and also for girl in front.
so did monzo ... chip and pin... normally posts immediately. but came through 2 days later.
lot going on still....
Wonder what's going on?
What do people think this is? Ransomware? Whatever it is, it's been causing a headache for a number of days - It's pretty nuclear to shut down your e-commerce site!
For what it's worth, I used contactless in my local M&S yesterday to pay.
Probably a rough weekend ahead for the team involved in this. Good luck.
M&S Are Crap, In General
A while back, my online account had someone else's details. I wrote to them, and they denied that there was an error. I replied with full details of the other person's data, which they then seemed to accept.
Previous to this, there were rumours of a cyber incident :
http://metro.co.uk/2015/10/28/marks-spencer-website-goes-down-after-data-breach-5466135/
http://www.ibtimes.co.uk/marks-spencer-says-site-was-not-hacked-admits-data-breach-1526236
Now we have this one too.
Were they hacked last time or not ?
Was my issue another cyber problem, or a botched database system change ?
So, in general, they are crap.
Guess who M&S "strategic technology partner" is?
Yes, that's right, it's those paragons of quality, TCS.
Honestly signing off on outsourcing to the likes of TCS should be grounds for immediate dismissal for gross negligence.
None of the TCS people I've ever had the pleasure(?) of working with have ever had the first understanding of security, and have always treated it as an afterthought at best.
I wonder if there was someone in M&S IT last weekend trying to get manglement to let him shut down everything there and then to stop the problem spreading...
I wonder how many of their customers still carry cash.