tl;dr
Marks & Spencer (M&S) is expected to lose over $400 million due to a cyberattack that disrupted operations, impacting profits in the 2025-2026 fiscal years. CEO Stuart Machin stated the company has been managing the sophisticated attack with teamwork and responsibility, prioritizing customer service...
Marks & Spencer (M&S) is facing a significant financial setback due to a cyberattack, with an anticipated profit loss of $403 million affecting the 2025-2026 fiscal years. The attack disrupted operations, especially impacting online sales in the Fashion, Home, and Beauty sectors, where a pause in online shopping has been necessary.
CEO Stuart Machin emphasized the company’s response, highlighting teamwork and responsibility as they prioritized customer service while managing this sophisticated and targeted cyberattack. Although physical stores have remained resilient, the online shopping disruption is expected to persist throughout June and into July as operations gradually restart and scale up.
The cyberattack compromised sensitive customer data, including contact information, birthdates, and online order histories. The breach is linked to the hacking group "DragonForce," which has also targeted the UK’s Co-op Food grocery chain, indicating a broader campaign against major UK retailers.
M&S has taken proactive steps with suppliers and partners to contain the incident and stabilize business operations, aiming to minimize the impact on customers and the company’s reputation. However, the financial hit reflects the challenge companies face in protecting against increasingly sophisticated cyber threats in today's digital retail environment.