M&S checkout chaos persists as cyberattack fallout continues

Disruption from recent M&S cyber incident continues.

Apr 25, 2025 - 10:52

  • M&S facing ongoing disruption after a cyberattack
  • The attack has affected contactless payment and Click and Collect systems
  • It's still not clear if any customer data is affected

British retail giant Marks and Spencer has had to take some systems and processes offline after suffering a cyberattack which disabled contactless and Click and Collect services in stores.

The disruption has now continued for several days, with many stores still unable to process contactless payments, and Click and Collect now paused in all stores.

The retailer confirmed in a statement that in order to protect colleagues, partners, suppliers, and the business, M&S has “made the proactive decision to move some [of our] processes offline”, which would be consistent with the response to a ransomware attack, although it's not yet clear if this is the case.

Retail at risk

Physical stores, the website, and the M&S App are still up and running, but the disruption could prove seriously costly for a retailer of this size, given the operational losses and reputational damage involved.

The retail industry is a common target for cybercriminals, as even a few hours of downtime can cost millions of dollars, making firms more likely to pay a ransom, and therefore more vulnerable.

Earlier in 2025, Walmart membership programme ‘Sam’s Club’ was hit with a ransomware attack that reportedly affected thousands of staff - illustrating the sector’s vulnerability.

“The retail industry is operating on a very small profit margin, and therefore the amount of attention or budget they can give to addressing their cybersecurity posture is usually scarce,” explains Pierre Noel, Field CISO EMEA at Expel.

“To address this, retailers must implement a continuous cyber risk quantification programme. One of its outcomes is to generate and price credible incident scenarios, as well as to identify mitigating controls and their associated costs. This information is very meaningful for senior executives and the board, communicates effectively, and places the responsibility on them to determine which risks are acceptable and which are not.”