M&S online ordering system operational 46 days after cyber shutdown
(2025/06/10)
- Reference: 1749552192
- News link: https://www.theregister.co.uk/2025/06/10/ms_resumes_online_orders_46/
- Source link:
UK retailer Marks & Spencer has reinstated online orders for some customers, marking a major milestone in its recovery from a cyberattack in April.
According to an update to its website on Tuesday, "select fashion ranges [are] now available to buy online" in England, Scotland, and Wales.
It's not a return to normal service yet, however. It said: "delivery to Northern Ireland will resume in the coming weeks," and that only standard shipping was available to customers.
[1]
That standard shipping option also appears to be delayed, with the company saying orders will take up to 10 days to arrive whereas pre-attack they typically arrived in 3-5 days. For deliveries to army bases, these could take up to two weeks.
[2]
[3]
M&S said this was to help manage customer demand.
"For now, Click & Collect, next day delivery and nominated day delivery, and international ordering are unavailable. We're working hard to resume these services as soon as possible."
[4]
Click & Collect orders were among [5]the first services M&S pulled offline following the attack. Initially the retailer explicitly said online and app orders were unaffected – but changed its tune just days later.
Since then, the company [6]confirmed customer data was stolen during the attack, the nature of which has not been revealed, despite being strongly rumored to involve [7]DragonForce ransomware.
It also estimated a [8]£300 million ($404.7 million) operating profits loss for the next financial year, although it hopes to reduce this through cost mitigations, insurance and trading actions, it said in its accounts recently.
[9]
The admission followed reporting from the [10]Financial Times that M&S was preparing to make a maximum claim on its cyber insurance policy worth around £100 million ($134 million).
[11]This is not just any 'cyber incident' … this is an M&S 'cyber incident'
[12]Marks & Spencer admits cybercrooks made off with customer info
[13]Here's what we know about the DragonForce ransomware that hit Marks & Spencer
[14]M&S warns of £300M dent in profits from cyberattack
The news of online orders returning, albeit a slimline version of them as M&S continues its recovery, led to its share price rising by around 3 percent after it took a chunky hit as a result of the attack.
At its lowest point, M&S's share price was down roughly 16 percent compared to its pre-attack performance, wiping more than £1 billion ($1.3 billion) off its market valuation.
M&S previously warned that website disruption could continue into July, but CEO Stuart Machin said it would use the "opportunity" to accelerate the company's digital transformation. ®
Get our [15]Tech Resources
[1] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aEhWl2otu-XtfvA9axcsNAAAA4Y&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aEhWl2otu-XtfvA9axcsNAAAA4Y&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aEhWl2otu-XtfvA9axcsNAAAA4Y&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aEhWl2otu-XtfvA9axcsNAAAA4Y&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[5] https://www.theregister.com/2025/04/22/marks_spencer_cyber_incident/
[6] https://www.theregister.com/2025/05/13/ms_confirms_customer_data_stolen/
[7] https://www.theregister.com/2025/05/15/dragonforce_ransomware_uk_retail_attacks/
[8] https://www.theregister.com/2025/05/21/ms_cyberattack_disruption/
[9] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aEhWl2otu-XtfvA9axcsNAAAA4Y&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[10] https://www.ft.com/content/723b6195-1ce7-4b5f-94f5-729e9152c578
[11] https://www.theregister.com/2025/04/22/marks_spencer_cyber_incident/
[12] https://www.theregister.com/2025/05/13/ms_confirms_customer_data_stolen/
[13] https://www.theregister.com/2025/05/15/dragonforce_ransomware_uk_retail_attacks/
[14] https://www.theregister.com/2025/05/21/ms_cyberattack_disruption/
[15] https://whitepapers.theregister.com/
According to an update to its website on Tuesday, "select fashion ranges [are] now available to buy online" in England, Scotland, and Wales.
It's not a return to normal service yet, however. It said: "delivery to Northern Ireland will resume in the coming weeks," and that only standard shipping was available to customers.
[1]
That standard shipping option also appears to be delayed, with the company saying orders will take up to 10 days to arrive whereas pre-attack they typically arrived in 3-5 days. For deliveries to army bases, these could take up to two weeks.
[2]
[3]
M&S said this was to help manage customer demand.
"For now, Click & Collect, next day delivery and nominated day delivery, and international ordering are unavailable. We're working hard to resume these services as soon as possible."
[4]
Click & Collect orders were among [5]the first services M&S pulled offline following the attack. Initially the retailer explicitly said online and app orders were unaffected – but changed its tune just days later.
Since then, the company [6]confirmed customer data was stolen during the attack, the nature of which has not been revealed, despite being strongly rumored to involve [7]DragonForce ransomware.
It also estimated a [8]£300 million ($404.7 million) operating profits loss for the next financial year, although it hopes to reduce this through cost mitigations, insurance and trading actions, it said in its accounts recently.
[9]
The admission followed reporting from the [10]Financial Times that M&S was preparing to make a maximum claim on its cyber insurance policy worth around £100 million ($134 million).
[11]This is not just any 'cyber incident' … this is an M&S 'cyber incident'
[12]Marks & Spencer admits cybercrooks made off with customer info
[13]Here's what we know about the DragonForce ransomware that hit Marks & Spencer
[14]M&S warns of £300M dent in profits from cyberattack
The news of online orders returning, albeit a slimline version of them as M&S continues its recovery, led to its share price rising by around 3 percent after it took a chunky hit as a result of the attack.
At its lowest point, M&S's share price was down roughly 16 percent compared to its pre-attack performance, wiping more than £1 billion ($1.3 billion) off its market valuation.
M&S previously warned that website disruption could continue into July, but CEO Stuart Machin said it would use the "opportunity" to accelerate the company's digital transformation. ®
Get our [15]Tech Resources
[1] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aEhWl2otu-XtfvA9axcsNAAAA4Y&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aEhWl2otu-XtfvA9axcsNAAAA4Y&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aEhWl2otu-XtfvA9axcsNAAAA4Y&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aEhWl2otu-XtfvA9axcsNAAAA4Y&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[5] https://www.theregister.com/2025/04/22/marks_spencer_cyber_incident/
[6] https://www.theregister.com/2025/05/13/ms_confirms_customer_data_stolen/
[7] https://www.theregister.com/2025/05/15/dragonforce_ransomware_uk_retail_attacks/
[8] https://www.theregister.com/2025/05/21/ms_cyberattack_disruption/
[9] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aEhWl2otu-XtfvA9axcsNAAAA4Y&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[10] https://www.ft.com/content/723b6195-1ce7-4b5f-94f5-729e9152c578
[11] https://www.theregister.com/2025/04/22/marks_spencer_cyber_incident/
[12] https://www.theregister.com/2025/05/13/ms_confirms_customer_data_stolen/
[13] https://www.theregister.com/2025/05/15/dragonforce_ransomware_uk_retail_attacks/
[14] https://www.theregister.com/2025/05/21/ms_cyberattack_disruption/
[15] https://whitepapers.theregister.com/
Efer Brick
ah well, at least they saved £30m a year over the last (almost) 10 years
Our service has been upgraded....
spold
...from non-existent to fairly crappy. Please don't get your knickers in a twist - particularly in N. Ireland as we can't send you new ones....
Knickers
Fruit and Nutcase
"For now, Click & Collect, next day delivery and nominated day delivery, and international ordering are unavailable..."
Still down, yet to be pulled up
Digital Transformation
Tanglewood73
'CEO Stuart Machin said it would use the "opportunity" to accelerate the company's digital transformation'
It's the digital stuff that was hacked, if they'd left it a pen and paper they'd have been fine!
better bring back click and collect
Roger Kynaston
If I were them (thankfully I’m not though) I would have worked to bring back click and collect first as this is much better to my thinking. But them I am a woke liberal metropolitan elitist in London so what would I know.
Thank God
Mr Dogshit
I'm all out of Percy Pigs and huge granny pants.
48 days later...
Efer Brick
Sounds like a Danny Boyle film.
Will the zombies return?
It's actually got me worried for our little M&S Food*
Jason Hindle
Since the hack, it's been very ropey, often with empty shelves. There's no such thing as a victimless crime—something that financially impactful likely means someone's livelihood.
* I remain loyal - they organised themselves into a little beacon of sanity amongst the madness in the early days of lockdown,
https://www.bbc.co.uk/news/business-42629522
9 January 2018
Marks and Spencer has said it will outsource over half of its IT team. The move is part of the High Street chain's attempts to turn its fortunes around with a five-year cost-cutting plan, led by chief executive Steve Rowe who took the helm in 2016. Mr Rowe said the changes to its technology team would save £30m a year by 2021/22 and result in "a more customer-centric approach".
So, if this went how they alyways seem to go: the lowest outsource bidder got the contract, initially had A-Team people working the account but after a year or two they have been rotated out to the next big new customer. To backfill, TCS will hire a bunch of graduates who have no idea what they are doing and mimic what the A-Team told them to do before they legged it.
Most probably M&S will continue looking for "efficiencies" and will keep payrises to a minimum (encourages people to find work elsewhere - no redundancy payments yipee), also they will not replace UK based people who retire or move on and when the local workforce cannot keep up with the work, they implement a "the beatings will continue until productivity improves" with KPI's that are impossible to achieve.
Also, for management, the easiest saving of all is to not spend in the first place and so the hardware will be sweated until it costs way more to keep it going than to buy new gear.
The most important thing if you are in management, make damn sure you are promoted away from the cluster-fuck before it all goes tits-up.
https://en.wikipedia.org/wiki/Steve_Rowe_(businessman) Stephen Joseph Rowe (born July 1967) is a British businessman and former CEO of Marks & Spencer from April 2016 to 2022.