Iconic British retailer Marks & Spencer (M&S) is scrambling to restore services impacted by a cybersecurity incident that occurred over the Easter holiday.
While the company’s online services remained operational, the incident impacted certain store operations, causing delays and frustration among customers.
“As soon as we became aware of the incident, it was necessary to make some minor, temporary changes to our store operations to protect customers and the business and we are sorry for any inconvenience experienced,” M&S said in a filing with the London Stock Exchange.
The company says it has engaged with cybersecurity experts to investigate the incident and relevant authorities have been notified.
“We are taking actions to further protect our network and ensure we can continue to maintain customer service,” M&S also said, without providing further details on the impacted services.
However, responding to a customer’s post on X, a company representative confirmed that in-store click-and-collect services have been impacted.
“Our systems are now back to normal, however we’re still experiencing technical difficulties with our click and collect service from stores. Please do not travel unless you’ve been notified, via email, from us. We are sorry for any inconvenience caused,” the representative said.
In a different thread, an M&S representative confirmed impact on gift card payments too, citing technical difficulties. Reportedly, contactless payments were also affected.
M&S has not shared details on the type of cyber incident it was facing, but the various disruptions could suggest that ransomware might have been used. It is unclear whether any customer information was compromised in the attack.
SecurityWeek has emailed M&S for additional information on the incident and will update this article if a reply arrives.
Related: Cyberattack Knocks Texas City’s Systems Offline
Related: Security Teams Pay the Price: The Unfair Reality of Cyber Incidents
Related: Ahold Delhaize Cybersecurity Incident Impacts Giant Food, Hannaford
Related: Operations of Sensor Giant Sensata Disrupted by Ransomware Attack
