- Invest in AI search as an enterprise business asset
- Samsung Galaxy S25 Ultra vs. Google Pixel 9 Pro XL: We tested both and it's a close one
- VMware Product Release Tracker (vTracker)
- This pocket-friendly AI voice recorder has changed the way I work and travel
- Is your Roku TV spying on you? Probably, but here's how to put an end to it
M&S Shuts Down Online Orders Amid Ongoing Cyber Incident
Marks & Spencer has paused taking online orders as the British retailer continues to tackle an ongoing cyber incident.
In a note posted on social media on April 25, the company said it has made the decision to pause taking orders via the M&S.com website and app. It is unclear when these services will be restored.
This update comes three days after the retailer confirmed it was tackling a cyber incident.
While M&S did not share why these services have been paused, there are multiple reasons why such action could be taken as part of an incident response.
For instance, if backend services have been affected by the cyber incident, shutting down such services could be part of the restoration effort even if the website and app are not directly impacted.
Matt Saunders, Field CTO at Adaptavist, commented, “Taking everything down suggests that they don’t yet know the full extent of the intrusion, or how to limit the effects of it.”
He added, “Given the reputational damage of downtime and being involved in an attack, it’s a brave but necessary decision to have an incident response that involves shutting customers out. But this gives M&S space to stop the intrusion, collect evidence, prevent further damage and get a handle on the full scope of the problem.”
Initially, the disruption was limited to the firm’s contactless in-store payments and click and collect services.
Jamie Moles, Network visibility specialist at ExtraHop, noted, “The disruption to contactless payments and click-and-collect hints at a broader impact beyond just the website, possibly affecting integrated backend systems, inventory management or retail networks”
It appears that contactless payments have been restored at most stores but click and collect services are still disrupted. Gift cards and e-gift cards cannot currently be used in store or online. The latest message from M&S said that customers can still browse its product range online and that stores remain open. It is unknown if any data has been accessed by unauthorized actors during the incident.
Commenting on the development, William Wright, CEO of Closed Door Security, said “This latest update highlights that the incident is now having a material impact, with all online and app sales being paused.”
“This will create a huge inconvenience for customers and will also significantly impact M&S financially. Data shows that almost a quarter on the store’s sales happen online, so no matter how long this pause is put in place, it will hurt M&S financially,” he added.
The retailer reiterated that customers do not need to take any action in the face of this cyber incident.
Leading cyber experts have been involved in the response and M&S has informed the UK’s National Cybersecurity Center (NCSC) about the incident.
Saunders added, “Contemporary cybersecurity incidents are nuanced, targeted and complex; any obvious attempts to stop them can often trigger data deletion, in part helping the intruders cover their tracks, so they’ll be preserving the scene for law enforcement and a quicker return to full service.”
Image credit: David Michael Bellis / Shutterstock.com
