M&S customers rally behind retailer as thousands send messages of support after cyber attack

Thousands of Marks & Spencer customers have rallied around the retailer by sending messages of support as the firm continues to grapple with the fallout of a cyber attack.

Disruption at the British brand began over a week ago, with shoppers facing problems with contactless payments and click and collect orders. M&S later paused online orders through its app and website, which have remained down since.

As the retailer battles to resolve the issues, it said thousands of its customers had backed its response to the attack.

M&S said almost 2,000 people sent positive comments on social media when its chief executive, Stuart Machin, wrote to customers alerting them to the problem last week in a successful crisis management initiative.

It added they received a further 2,000 messages from customers praising how in-store staff dealt with the technical issues.

open image in gallery

Comments included a customer saying staff members at their local store were “setting the bar for retail crisis management”, while another said they were doing a “sterling job”.

Scotland Yard have been called in to investigate the cyber attack, which left stores with empty shelves and slashed the company’s market value.

Marks and Spencer is also working with experts from both the National Crime Agency and the National Cyber Security Centre to “better understand the incident and support the company”.

open image in gallery

M&S has not confirmed the cause, but it has been widely reported that the company has been the victim of a cyber attack, and specifically a ransomware attack.

Ransomware incidents involve hackers gaining access to a computer system and using malware to steal or block access to files – often encrypting them – before demanding a payment, usually in cryptocurrency, to return the impacted data.

Many cybersecurity experts, and the official advice in the UK, urge organisations not to make ransom payments in incidents like this, because there is no guarantee that the hackers will return the stolen data, and making payments can help criminal enterprise and encourage others to carry out similar attacks in the future.

A hacking group operating under the name Scattered Spider has been linked to the attack, according to reports, with technology industry title Bleeping Computer first linking the group to a potential ransomware attack against the retailer.

However, that group, nor any other, have yet publicly claimed responsibility for the incident.