Just a day after an executive stated that disruptions from a cyber attack will continue until July, the Marks & Spencer website is down for customers once again.
Visitors to the M&S website see the message: ‘Sorry, you can’t browse the site currently. We’re making some updates and will be back soon.’
The BBC has reported that the site may be undergoing routine maintenance, but questions have been raised following the recent cyber incident.
M&S halted orders on its website and stores had empty shelves after being targeted by hackers around the Easter weekend.
The hackers accessed customer personal data, which could have included names, email addresses, postal addresses, and dates of birth.
The retail giant said on Wednesday that ‘human error’ caused the attack, which will cost the firm around £300 million, and chief executive Stuart Machin confirmed disruption could last until July.
Despite recent issues, M&S reported a higher-than-expected adjusted pre-tax profit of £875.5 million for the year to March, up 22.2% from 2024.
Joe Jones, CEO of the cybersecurity attack simulation company Pistachio, previously explained to Metro that while the upmarket retailer seems like an unconventional choice for hackers to target, it makes a lot of sense.
‘M&S is a household name with a vast and loyal customer base, which makes it a high-value target for cybercriminals,’ he told Metro.
‘Large retailers hold enormous amounts of personal data, everything from names and addresses to detailed purchase histories. That kind of data is gold dust for attackers running social engineering scams or looking to sell verified profiles on the dark web.’
M&S, like many retailers, isn’t just a brick-and-mortar store. It’s websites, mobile apps, marketing emails, and delivery services, which create more ‘digital touchpoints that can be exploited’.
‘It’s not necessarily that M&S was uniquely vulnerable; rather, it’s a classic case of “big brand, big data, big target”,’ he added.
None of the victims of the breach have disclosed details of how the crooks breached their systems. The National Cyber Security Centre said that officials aren’t sure if the attacks are linked.
Read more similar news:
Comments:
comments powered by Disqus
