Welcome to the age of cyber insecurity in business
What: M&S faces £300 million profit impact from cyber attack as retailers struggle to balance digital innovation with security resilience.
Why it is important: This incident demonstrates how cyber attacks have evolved from IT issues to fundamental business risks that can severely impact retail operations and financial performance.
Marks & Spencer's cyber attack has revealed the complex challenges facing modern retailers in protecting their digital infrastructure. The incident, which began during Easter weekend with disrupted contactless payments, has escalated into a £300 million hit to operating profits and suspended online clothing sales. While customers found workarounds like using the M&S app with Apple Pay, the attack's impact continues to affect operations and could take until July to fully resolve. The breach, linked to the Scattered Spider hacking group and attributed to human error at a third-party contractor, demonstrates how retailers must adapt to an environment where complete prevention is impossible. This reality requires businesses to focus on containment and rapid recovery capabilities, similar to fire drill preparations. The incident highlights the critical importance of data backups, system partitioning, and avoiding over-dependence on single technological points of failure.
IADS Notes: The M&S cyber attack highlights fundamental vulnerabilities in retail digital infrastructure. According to Financial Times' May 2025 coverage, despite a £300 million profit impact, M&S maintained customer trust through transparent crisis management, with recommendation rates dropping from 87% to 73% while underlying trust remained at 82%. Retail Week's May 2025 analysis revealed how the incident triggered a chain reaction, with both Harrods and Co-op suffering similar breaches, leading to a 10% increase in cyber insurance premiums across the sector. Financial Times' April 2025 report showed how the attack wiped £700 million off M&S's market value and disrupted £3.5 million in daily digital sales, demonstrating the severe financial consequences of cyber vulnerabilities. Inside Retail's May 2025 coverage highlighted how these attacks represent a broader transformation in retail risk, with ransomware now accounting for 30% of security incidents and average losses reaching £1.4 million per attack. The incident's attribution to human error at a third-party contractor underscores the complex challenge of maintaining security across increasingly interconnected retail operations.