The retailer said the incident, which it described as a “highly sophisticated” cyber attack, has had a major impact on its online fashion, home, and beauty sales. These categories normally bring in more than £3 million per day, but online operations have been suspended for almost a month and may remain offline for up to two more months.
In the food division, M&S reported reduced product availability and increased costs due to waste and logistical issues. The company was forced to temporarily return to pen-and-paper systems as part of its response.
Chief Executive Stuart Machin thanked customers for their loyalty and said M&S would recover stronger. “This incident is a bump in the road, and we will come out of this in better shape,” he said. “There is no change to our strategy, and if anything, this event lets us speed up our transformation.”
Machin did not confirm whether a ransom had been paid but said the attackers gained access due to “human error.”
The incident comes after a strong year for M&S. The company reported its highest pre-tax profit in 15 years at £875.5 million, a 22% increase. Total revenue rose 6% to £13.8 billion, with food sales up 8.7% to £9 billion and fashion, home, and beauty sales up 3.5%.
He added that full recovery could take months. “Online operations may not return to full strength until later this summer. Although insurance claims may soften the financial hit, the damage to both profits and reputation is already done.”
