Marks & Spencer swaps out TCS for fresh helpdesk deal
- Reference: 1761640207
- News link: https://www.theregister.co.uk/2025/10/28/marks_spencer_helpdesk_deal/
- Source link:
The contract ended this summer, though TCS continues supporting other IT services for M&S, a spokesperson at the food, clothes and household good supplier told The Register.
"Regarding the IT service desk contract specifically, as is usual process, we went to market to test for the most suitable product available, ran a thorough process and instructed a new provider this summer. This process started in January, and this change has no bearing on our wider TCS relationship," they said.
[1]
M&S declined to name the new contractor or which contracts TCS continues to fulfill.
[2]
[3]
It's been a troubled year for M&S. In April, it [4]told the London Stock Exchange it was managing a "cyber incident" for "the past few days." An email to customers, seen by The Register , said Click & Collect orders were affected.
Operations were significantly disrupted in the subsequent months as technies tried to restore normality.
[5]India's services giant TCS lays off over 10,000 for reasons including AI, hikes wages for survivors
[6]Tata Consultancy enforces return-to-office mandate for all US staff, effective immediately
[7]India's services giants brace for impact as US tariffs bite their customers
[8]Asda IT staff shuffled off to TCS amid messy tech divorce from Walmart
[9]M&S CEO Stuart Machin said in May that the attack was likely to take a £300 million ($400 million) chunk out of the company's profits for the 2025/26 financial year.
The National Crime Agency (NCA) [10]cuffed four people the following month in connection with the attack on M&S and more British retailers, which all occurred within a matter of weeks.
[11]
By August, [12]the retailer said it had finally restored its Click & Collect service , while the Scan and Shop service had limited availability and online stock checking functionality remained affected.
In 2018, [13]M&S opted to cut its tech supplier base and transfer 250 staff to TCS under an IT outsourcing accord . The retailer agreed to pay a one-time "implementation cost" of £25 million to offload delivery and management of certain functions to the Indian headquartered firm, estimating it would save £150 million over five years.
TCS became M&S's "principal technology supplier," replacing agreements including those with Fujitsu and Sapient. The outsourcing deal was designed to identify areas of inefficiency at M&S.
[14]
In a statement sent to The Register , a TCS spokesperson said:
"The service desk contract with M&S followed a regular competitive RFP process initiated in January 2025, with M&S opting to proceed with other partners. The service desk component represents a small part of TCS' overall engagement with M&S. We continue to work on numerous other areas, in our role as a strategic partner for M&S."
"On the cyber incident itself, TCS conducted a review of our own networks and systems and our conclusion is that the vulnerabilities have not originated from there. TCS does not provide cyber security services to M&S. This is a service that is provided by another partner." ®
Get our [15]Tech Resources
[1] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_onprem/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aQCiSdBdhFCnASkDJNI2MAAAAUM&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_onprem/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aQCiSdBdhFCnASkDJNI2MAAAAUM&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_onprem/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aQCiSdBdhFCnASkDJNI2MAAAAUM&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[4] https://www.theregister.com/2025/04/22/marks_spencer_cyber_incident/
[5] https://www.theregister.com/2025/08/11/asia_tech_news_in_brief/
[6] https://www.theregister.com/2025/07/23/tata_consulting_returntowork_mandate/
[7] https://www.theregister.com/2025/04/24/infosys_tcs_wipro_hcl_tariff_impact_results/
[8] https://www.theregister.com/2024/06/17/asda_tupe_tcs/
[9] https://www.theregister.com/2025/05/21/ms_cyberattack_disruption/
[10] https://www.theregister.com/2025/07/10/nca_arrests_four_in_connection/
[11] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_onprem/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aQCiSdBdhFCnASkDJNI2MAAAAUM&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[12] https://www.theregister.com/2025/08/11/ms_restores_click_collect_following/
[13] https://www.theregister.com/2018/01/10/marks_and_spencer_outsources_250_tech_jobs_in_it_overhaul/
[14] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_onprem/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aQCiSdBdhFCnASkDJNI2MAAAAUM&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[15] https://whitepapers.theregister.com/
Re: What's the saying, "penny wise and pound foolish"?
Well, they did identify one big inefficiency...
Re: What's the saying, "penny wise and pound foolish"?
I'm convinced companies outsource because they are shown a spreedsheet with 2 columns - the cost for an in-house team vs the cost outsourced to India. The difference is probably 3x difference. What it doesn't account for, is the reputational harm from the shitty service, or the added security risk. Or of using an outsourcer that will never learn the company / country culture, or develop deep knowledge, or improve customer relations, and who hires apathetic staff who don't give a damn and will be gone somewhere else in 6 months.
A cyber incident
Why does this sound like a gold-plated excuse to do away with something that worked acceptably until now, but that some upper-level board member suddenly decided that he would would prefer changing his AMS Mercedes for a new model ?
Re: A cyber incident
exactly , the socially engineering attack could happen with any third party, changing it doesn't achieve much but maybe it's easier to tell the shareholders we can blame someone else for the lack of judgement with these types of attacks. There's no mention of blame but I guess the change almost covers it
Re: A cyber incident
The cyber attack might have had some minor impact on the choice, but the fact they'd gone from letting TCS manage the help desk as part of the principal supplier framework, to re-sourcing it suggests to me that (1) the statement they started the process in January is true - it takes a long time to re-source any major services contract, and (2) there were undoubtedly reasons for help desk being selected for a re-source.
I'd guess two reasons, and speculate that first and possibly 2nd, 3rd line are all offshore and poor quality, with all the reputational and performance baggage that goes with cheap offshoring, so there's a performance rationale in how staff IT support operates. I'd also reckon that re-sourcing help desk will be seen as a good way of signalling to TCS that Marks may not be entirely happy with the wider performance.
Obviously Marks won't have reflected and learned Lesson 1 of IT outsourcing, that technology services vendors always over promise, under-deliver, and back load their margin across the contract period. Which means that re-sourcing the help desk might initially seem to provide better service, but ultimately performance and value to Marks will decline as the new supplier cuts their own costs and looks to ream out Marks with all the variations and non-standard service requests.
You get what you pay for
Outsourcing sounds financially attractive but if it ends up being provided by a revolving door of culturally clueless staff from another country who bodge fixes and don't give a damn about the service they provide then you got what you deserved.
It appears that there is one particular 3rd party that is a common denominator with M&S, Co-op and JLR.
What's the saying, "penny wise and pound foolish"?
"estimating it would save £150 million over five years. TCS became M&S's "principal technology supplier," .....The outsourcing deal was designed to identify areas of inefficiency at M&S."
So, after the £300m hit from the cyber attack, how's that maths looking now, Marks bean counters? Hahahahhahahaa! Which wanky management consultancy "helped" you to make that sagacious choice to outsource in the first place, and then to bundle it all up with Total Cockup Services? Was IT security one of those lovely, lovely "efficiencies"?
I'd like to think there have been some bitter recriminations behind the scenes (and likewise at JLR), but decades of business experience tell me that there won't be. Perhaps a few juniors will be thrown under the bus, but the chances of the board having any insight, nope.