M&s website down as retailer still suffering from online woes

THE MARKS AND SPENCER WEBSITE HAS BEEN DOWN FOR CUSTOMERS, WITH THE RETAILER STILL SUFFERING FROM THE EFFECTS OF A CYBER ATTACK 10:54, 22 May 2025Updated 11:57, 22 May 2025 Shoppers looking

to browse the Marks and Spencer website have hit a snag as the retailer grapples with the aftermath of a cyber attack, leaving the site temporarily inaccessible. Customers attempting to

visit the M&S site have been met with an apology: "Sorry you can't browse the site currently. We're making some updates and will be back soon." The webpage remains

unavailable for further use. According to the BBC, there are suggestions that the site may simply be undergoing standard maintenance. Marks and Spencer has been approached to provide more

details on the situation. The incident follows a recent cyber assault over the Easter weekend, where MandS had to cease online orders and saw its shelves run bare. In this breach, customer

data potentially including names, email addresses, postal addresses, and birth dates were compromised. Marks and Spencer acknowledged on Wednesday that "human error" was behind the

costly attack, which is looking to set the company back by approximately £300 million. Stuart Machin, the chief executive, has indicated that the disruption might persist up until July,

reports Wales Online. This disclosure comes alongside the announcement of an unexpected rise in adjusted pre-tax profits, totalling £875.5 million for the financial year ending March – a

22.2% increase from last year. Digital expert Robert Cottrill, technology director at ANS, emphasised the importance of M&S ensuring a comprehensive restoration of their systems to

guarantee security and avert similar future mishaps. Article continues below Following the recent cyber attack on M&S, he told the PA news agency: "M&S appears to be taking the

appropriate and necessary steps following the cyber attack, with a likely focus on restoring core systems and recovering critical data." He added that the continued disruption could

very well stem from the assailants having aimed at essential infrastructure, which necessitates time for thorough evaluation, securing, and reinstatement. With M&S's complex global

operations, he pointed out: "Given the scale and complexity of M&S's globally connected operations, the recovery process is understandably meticulous, with multiple

interconnected systems requiring scrutiny." Stressing the importance of diligent restoration efforts, he said: "It's essential that M&S prioritises a secure and complete

recovery over a rapid one. Rushing to bring systems back online without full assurance of their integrity could risk further compromise. Ensuring robust security at every layer before

resumption is not just sensible – it's vital." The considerable interruption and resulting sales hit experienced by M&S clearly illustrate a critical lesson for all companies,

as he observed: "The major disruption and sales loss M&S has seen following the incident serve as a powerful reminder to all organisations: cybersecurity must be treated as a

board-level issue. No business is immune to cyber threats, and those with complex digital ecosystems are particularly vulnerable." Article continues below To effectively curb the impact

of such events, he recommended: "Effective incident response plans, regular testing and collaboration with cybersecurity experts are critical to minimising disruption." Lastly, he

addressed the need for a forward-thinking security stance: "But more than that, a proactive approach that includes threat detection, security-by-design principles, and employee

awareness is the best defence against increasingly sophisticated attacks."