What: Marks & Spencer resumes select online fashion orders after a six-week suspension following a major cyber attack, with plans to gradually restore full digital services including beauty products and international shipping.

Why it is important: This development illustrates the evolving nature of retail cybersecurity, where complete service restoration must be balanced against ongoing security concerns, even after initial incident containment.

Marks & Spencer has begun restoring its online retail operations, enabling customers to place fashion orders for delivery across England, Scotland, and Wales. This marks the first phase of recovery following a significant cyber attack that forced the suspension of online services six weeks ago. The retailer is taking a measured approach to service restoration, with beauty products, flowers, and hampers scheduled to resume in the coming weeks, followed by the reinstatement of click & collect, next-day delivery, and international ordering services. The incident, which began with disrupted contactless payments on Easter Monday, led to the complete suspension of online orders on April 23, affecting a channel that represents 34% of all clothing and home sales. The financial impact has been substantial, with M&S expecting a £300 million reduction in group operating profit for 2025/26. The company's cautious, phased approach to resuming digital services reflects the complex balance between operational recovery and maintaining robust security measures.

IADS Notes: The gradual resumption of M&S's online operations marks a significant milestone in their recovery from April 2025's devastating cyber attack by the Scattered Spider group, which initially wiped £700 million off their market value and disrupted £3.5 million in daily digital sales. The incident's severity is reflected in the projected £300 million hit to operating profits and potential insurance claims of up to £100 million, making it one of the largest cyber insurance payouts in UK retail history. While the attack significantly impacted customer confidence, with recommendation rates dropping from 87% to 73%, the retailer's transparent crisis management helped maintain underlying trust at 82%. The broader implications have transformed the retail sector's approach to cybersecurity, driving a 10% increase in industry-wide insurance premiums and prompting retailers to prioritise rapid recovery capabilities over complete prevention strategies.

Marks & Spencer resumes online orders