What: M&S suspends online operations across UK and international markets following sophisticated cyber attack by Scattered Spider group, potentially losing £3 million daily while affecting third-party vendors and payment systems.

Why it is important: This cyber incident illustrates the escalating challenges retailers face in protecting their digital operations, with significant financial and operational implications across their entire business ecosystem.

M&S has suspended online orders across its UK and Ireland websites and apps, along with several international platforms, following a cyber attack by the Scattered Spider hacking group. The incident, which began affecting in-store contactless payments and click-and-collect processing on Easter Monday, has forced the retailer to take comprehensive protective measures. Industry experts estimate potential losses of £3 million per day, though some sales may be deferred to stores or resume once the website is restored. The attack's impact extends beyond direct sales, affecting third-party brands trading on M&S's online marketplace, though the retailer has assured these vendors will receive payment. The full extent of the cyber incident's impact is expected to be disclosed during M&S's upcoming full-year financial results announcement on May 21, highlighting the broad implications of modern cybersecurity threats on retail operations.

IADS Notes: M&S's cyber incident represents a significant escalation in retail security threats. According to Drapers' April 2025 coverage , the retailer's proactive suspension of online operations demonstrates the evolving approach to crisis management in retail cybersecurity. The Financial Times' April 2025 analysis  revealed how the attack wiped nearly £700 million off M&S's market value, with daily digital sales losses of £3.5 million highlighting the substantial financial impact of such incidents. Retail Week's May 2025 report  showed how the attack affected consumer confidence, with customer recommendation rates falling from 87% to 73%, though underlying trust remained relatively stable at 82%. Drapers' April 2025 coverage  identified the Scattered Spider hacking group as responsible, demonstrating the increasing sophistication of cyber threats targeting retailers. The incident's impact on third-party marketplace vendors and international operations, combined with similar attacks on Harrods and Co-op, indicates a broader pattern of vulnerability in retail digital infrastructure that requires new approaches to cybersecurity and operational resilience.

M&S online shopping outage enters third week