Marks and Spencer (M&S) has been grappling with a “cyber incident” that has disrupted services. The UK retailer reported issues with its Click and Collect service and the inability to process contactless payments. Many customers took to social media to voice their complaints about delays and payment problems, especially regarding gift cards and vouchers.
M&S CEO Stuart Machin apologized to customers, assuring them that the company had temporarily adjusted operations to protect both customers and the business. The Information Commissioner’s Office (ICO) and the National Cyber Security Centre were notified about the incident. M&S has brought in external cybersecurity experts to help with investigating and managing the ongoing situation.
In its communications, M&S explained that customers did not need to take any action but promised to update them if the situation changed. Despite the disruptions, M&S continued working to resolve delays related to Click and Collect orders and other payment issues. The company acknowledged that some customers were still experiencing problems with gift card payments and order processing.
Experts warned that M&S’s experience highlighted vulnerabilities even within well-resourced organizations. Cybersecurity professional Daniel Card noted that the event should serve as a reminder of the importance of practical and proportionate security steps. This incident adds to a series of tech failures that have affected major UK retailers in recent months, underscoring the growing risk of cyberattacks.
Reference: