What the M&S Cyber Attack Teaches Us About Business IT Vulnerabilities

Marks & Spencer has made headlines over the last few weeks after becoming the latest in a long list of victims of a serious ransomware attack. The incident, first detected over the Easter weekend, has left the retailer paralysed, with widespread disruption in stores and a complete collapse of its website, raising urgent questions about how prepared businesses are to handle modern cyber threats.

A Major Disruption for M&S

Since the 25th of April (2025), M&S has struggled to return to normal after a cyber-attack targeted its contactless payments and Click & Collect services. Soon after, the store was forced to pause all online orders indefinitely. More than two weeks on, its website continued to display a banner notifying customers that orders were paused, and the company declined to provide a clear timeline for when services would resume.

Food supply issues have also been reported, with certain stores lacking key items for promotions like meal deals. Even the company’s careers site went offline, forcing them to pull all job vacancies while it worked to recover.

BBC News has reported extensively on the disruption.

A Ransomware Attack With Wider Implications

It has since emerged that this was a deliberate ransomware attack by an organised group. A hacking group known as Scattered Spider (also referred to as UNC3944) is suspected of carrying out the attack, alongside similar attempted hacks on Co-op and Harrods around the same time. It’s believed that the English-speaking hacking collective, mostly made up of teenagers and young adults from the UK and USA, was working with a “cybercrime-as-a-service” business from the former Soviet Republic, known as DragonForce. This group offers a franchise-like service whereby anyone can use its software in return for 20% of the ransom payments received from cyberattacks.

The National Cyber Security Centre has warned of increasing attacks on British retailers, with criminals often posing as IT help desk staff to gain access.

A Price Tag in the Millions

The cost of this attack is already substantial. With M&S’s share value down and over £500 million wiped from its market cap, the financial impact is clear. Online sales account for around a third of its clothing and home business, worth an estimated £3.8 million per day. Every day its site remains down, customers turn to rival retailers.

For a company so reliant on customer trust and seamless service, this breach is more than just a technical failure; it's a reputational crisis. Catherine Shuttleworth from Savvy Marketing notes that the current retail culture is based on “buy it now” expectations. In other words, people won’t wait.

Suppliers Feel the Knock-On Effects

It’s not just M&S feeling the strain. Suppliers like Greencore, which provides sandwiches and wraps to the store, had to revert to pen-and-paper processes, increasing deliveries by 20% to meet demand. Thea Green, CEO of Nails Inc, admitted the disruption came at a crucial time, just as her company was planning a major product launch.

M&S also shares its online food delivery arm with Ocado, meaning delays and issues have extended beyond its own ecosystem. With multiple parties affected, the long tail of such attacks becomes more visible.

Silence Isn’t Always Golden

Since the breach, communication from M&S has been limited. Aside from a few short updates, there’s been little public comment about the nature of the attack or expected recovery times. While this may be common in such cases, it risks eroding customer confidence. Business adviser Kate Hardcastle says that in today’s connected world, “silence can be unsettling.”

Strong, transparent communication is key to recovering customer trust, especially when data and service integrity are at stake.

What Can Businesses Learn?

This incident reinforces a crucial message: no business is immune to cyber threats. Whether you’re a multinational retailer or a regional service provider, being unprepared can cost you dearly. It’s not just about having antivirus software or backups; it’s about resilience, response planning and expert support.

At Edmondson’s IT Services, we help businesses build robust IT infrastructure, with proactive monitoring, ransomware protection, encrypted cloud backups and rapid recovery strategies. Our Free IT Health Check identifies vulnerabilities before hackers do, offering peace of mind in a climate of growing cyber threats.

Protect Your Business Before It's Too Late

If a brand as large and resource-rich as M&S can be hit this hard, it’s a wake-up call for all businesses. Don't wait until your systems are compromised. Let’s work together to make sure you’re protected.


© Edmondson's IT Services | Co. Reg. No: 07818717 | VAT Reg. No: GB122507059
