M&S Expects Cyberattack Impact to Be Over by August, CEO Says
Marks & Spencer Group Plc expects its online services to be fully restored in the next four weeks as it continues to recover from April’s cyberattack, Chief Executive Officer Stuart Machin said.
“I’m really hoping by August the majority of this is behind us and customers will see the full M&S,” Machin told shareholders at the British retailer’s annual general meeting on Tuesday. “Within the next four weeks, we’re aiming for the whole of online to be fully restored and open.”
The hack forced M&S to halt contactless payments and pause online clothing and home orders, which account for more than £3 million ($4.1 million) of sales a day. Limited online shopping was restored last month, with services including click and collect still unavailable.
Read more: Marks & Spencer Says Cyberattack to Cost £300 Million
A cybercrime gang known as “DragonForce” has taken credit for the attack, which M&S has estimated will deal a £300 million blow to operating profit.
Shares of M&S rose as much as 1.8% in London. They were down 13% through Monday’s close since the retailer first announced it was dealing with a cyberattack on April 22.
Photograph: A notice on the M&S website following a cyberattack in May 2025; photo credit: Jose Sarmento Matos/Bloomberg
Related:
- After 46-Day Cyberattack Pause, British Retailer M&S Resumes Online Orders
- M&S, Co-op Cyberattackers Duped IT Help Desks Into Resetting Passwords, Report Says
- British Food and Clothing Group M&S Discloses Cyber Incident
- ‘Dream Is in Sight:’ Chamber, Reinsurers, Insurers Urge Florida to Stay the Course
- Wealthy County in New York Must Pay $112 Million Over Immigrant Rights Violations
- Applied Systems, Comulate Spar Over Trade Secret Theft Allegations
- Swiss Re Shares Drop After New Profit Target Falls Short of Expectations