Marks & Spencer (M&S), one of the UK’s largest retailers, has confirmed that it is currently dealing with a cyber incident. As a result, this reality has taken a toll on its online services. As recently as March 30, the company was trumpeting its 9.4 million active online customers with great pride. On April 25, it stopped all online orders through its website and app. Implementation of 311 in person in-store services are back up and running. Yet, the latest cyber attack has caused customers to feel uneasy about whether their personal information is safe.
The incident has left many online customers vulnerable, as M&S acknowledged that “unfortunately, some personal customer information has been taken.” Stuart Machin, the company’s CEO, underscored the seriousness of the situation but emphasized that there is “no evidence that the information has been shared.” This announcement seeks to answer some customers’ fears that their data will be misused.
M&S’s decision to stop taking online grocery orders speaks to the code red nature of this cyber incident. The company is taking every possible step to restore normal operations as quickly as possible. Machin noted that they are “working around the clock to get things back to normal” as quickly as possible. The temporary suspension of services has undoubtedly disrupted the shopping experience for many loyal customers.
Retail analyst Catherine Shuttleworth of Savvy Marketing reflected on what this sudden cyber attack means for M&S. She described the new development as a “further blow for M&S.” This unexpected event has the potential to severely erode customer confidence and hurt the brand’s reputation. Shuttleworth said customers have themselves come out in support of the firm during what has been a more difficult time. What this means is that they are actually concerned about being secure with their data. She stated, “So far M&S customers have been very supportive of the business in the light of the cyber attack but they will be very concerned that their data has been compromised and will need a good deal of reassurance from the business about what this means for them.”
The resulting cyber incident has focused scrutiny DragonForce, a group behind an affiliate cyber crime service on the darknet. DragonForce opens its malware and website to anyone interested in mounting attacks and extortion campaigns. Their darknet marketplace doesn’t seem to have any listings for M&S at present. This surprising omission leads us to suspect who is behind the attack, and more importantly, what their motivations are.
While M&S deals with this crisis, they are simultaneously asking customers to be more careful with their personal data. Cybersecurity expert Matt Hull cautions us all to keep our guard up. His top tip — “If you ever doubt whether an email is real or not, don’t click any links in it! Go instead to the company’s own web site to fact check what they are claiming. This kind of guidance is desperately needed. It protects your customers, preventing them from being targeted by subsequent phishing attacks that can occur following a breach.
M&S’s customer-facing in-store services are clearly flourishing. The company is under a lot of pressure to provide friendly and reassuring communication to all of its online customers. We are continuing to respond to the evolving cyber incident. These efforts are an important step towards restoring customer confidence and making sure this kind of incident does not happen again.