Marks & Spencer Group Plc is facing significant challenges following a ransomware attack that has disrupted its operations. Hackers used a powerful type of malware known as DragonForce to lock down some of the retailer’s systems, making them inaccessible. This cyber incident, which began over a week ago, has forced M&S to pause online orders and halt certain payment processes in its UK stores.
The attack has raised concerns about the security of M&S’s systems. Reports suggest that the cybercriminals behind DragonForce have targeted numerous companies across various sectors, including healthcare and telecommunications. They typically encrypt files on victims’ computers and demand ransom payments in cryptocurrency to restore access. While it is unclear if M&S has received any ransom demands or is negotiating with the attackers, the company has engaged external cybersecurity experts to help manage the situation.
As a result of the attack, M&S has been unable to process contactless payments, and its "click and collect" service has been disrupted. This has led to gaps on store shelves and availability issues for some items. Hundreds of agency workers at M&S’s main clothing and home warehouse were told to stay home as the company dealt with the fallout from the incident. The disruption comes at a particularly challenging time, with rising temperatures in the UK and the spring-summer clothing sales season underway.
The impact of the cyberattack is already being felt in the stock market, with M&S shares dropping 6.2% since the incident was reported on April 22. Analysts predict that the ongoing pause in online orders could affect the retailer’s profits for the first quarter, especially as demand for summer clothing rises.
M&S, which operates over 1,000 stores in the UK, has built its business around an omnichannel approach, blending in-store and online shopping. While online sales account for about 30% of its clothing and home sales, the longer the online services remain down, the more pressure it puts on the company.
The situation highlights the growing threat of cyberattacks on businesses worldwide. As M&S works to restore its services, the incident serves as a reminder of the importance of cybersecurity in today’s digital landscape.