M&S reopens online orders six weeks after cyberattack

Marks & Spencer said it has reopened its website to customers weeks after it was forced to halt orders following a damaging cyberattack.

In an update, the retailer said on their website: “You can now place online orders with standard delivery to England, Scotland and Wales. Delivery to Northern Ireland will resume in the coming weeks.

“We will resume click and collect, next-day delivery, nominated-day delivery and international ordering in the coming weeks.”

The company faced heavy disruption as it paused online orders after it was targeted by a major cyberattack in April.

The retailer was also left with some empty shelves after being targeted by hackers as it halted orders on its website over the Easter weekend.

Customer personal data – which could have included names, email addresses, postal addresses and dates of birth – was also taken by hackers in the attack.

open image in gallery

In a statement published on social media on Tuesday, M&S managing director of clothing, home and beauty John Lyttle said: “More of our fashion, home and beauty products will be added every day, and we will resume deliveries to Northern Ireland and click and collect in the coming weeks.

“Thank you sincerely for your support and for shopping with us.”

M&S revealed last month that the attack was caused by “human error” and would cost it around £300 million.

While its 565 stores have been able to remain open and trade throughout, contactless payments were initially impacted and there were also some stock availability issues while it had to temporarily switch to manual processes.

Chief executive Stuart Machin said on reporting annual figures in May that hackers gained access to the company’s IT systems through a third party.

He said at the time: “We didn’t leave the door open, this wasn’t anything to do with under-investment. Everyone is vulnerable. For us, we were unlucky on this particular day through some human error.”

open image in gallery

The hackers reportedly sent an abusive email to the retailer’s boss, gloating about the hack and demanding ransom payment.

Mr Machin was reportedly sent an email on 23 April from a hacker group called DragonForce, using the email account of an employee, which confirms the British high street retailer was targeted by a ransomware group, something they have refused to acknowledge.

The email, seen and reported on by the BBC, says: “We have marched the ways from China all the way to the UK and have mercilessly raped your company and encrypted all the servers.

"The dragon wants to speak to you so please head over to [our darknet website]."

A darknet link shared in the email connected to a portal for DragonForce victims to negotiate a ransom fee. The criminal organisation said: “Let's get the party started. Message us, we will make this fast and easy for us.”

They ended the email with an image of a dragon breathing fire, according to the BBC.

M&S told The Independent: “We cannot comment on details of or speculation on the cyber incident, and we have been advised not to.”

DragonForce is the second hacking group to be linked to the M&S cyberattack. The Scattered Spider network, a group of young hackers across the UK and US, was also connected to the incident.