What: Marks & Spencer experiences cyber incident affecting store operations, prompting engagement of external security experts and implementation of temporary operational changes.

Why it is important: The timing and nature of this cyber incident underscores the critical importance of robust security measures in retail, especially as the sector faces increasing sophisticated attacks targeting customer data and operations.

Marks & Spencer has reported a cybersecurity incident that necessitated temporary operational adjustments to protect customers and business operations. The retailer has swiftly engaged external cybersecurity experts to investigate and manage the situation while implementing additional network protection measures. While stores remain open and digital channels continue to function normally, some minor operational changes have been implemented, potentially affecting click-and-collect services. The company has taken a proactive approach by notifying relevant data protection authorities and the National Cyber Security Centre. CEO Stuart Machin has personally addressed customers, emphasizing transparency and reassuring them that no immediate action is required on their part. This incident occurs as M&S continues its digital transformation journey, including recent investments in customer experience enhancement and technological infrastructure upgrades.

IADS Notes: This incident follows a concerning pattern of cyber threats in retail, as highlighted in April 2025 research showing ransomware attacks accounting for 30% of all retail security incidents, with average losses reaching $1.4 million per attack. The timing is particularly significant given March 2025's revelation about a USD 5.4 billion industry loss from a single security update failure. M&S's response aligns with evolving best practices seen in March 2025, when retailers began prioritizing rapid recovery capabilities over complete risk avoidance. This incident occurs amid M&S's broader digital transformation, including their March 2025 'superapp' development and the October 2024 implementation of innovative store technologies.

Marks & Spencer calls in external experts following ‘cyber incident’