A series of cyberattacks have disrupted operations at several major British retailers, including Marks & Spencer (Marks), Harrods, and the Co-op food chain, with online services, customer data, and payment systems compromised in a widespread digital breach.
Marks, one of the UK’s largest retail chains, disclosed on Wednesday that the cyberattack has severely impacted its online business in Fashion, Home & Beauty, with trading profit taking a significant hit. The company had to pause all online shopping, which it expects to remain disrupted through June and into July as it restarts and gradually ramps up operations.
“Online sales and trading profit have been heavily impacted by the necessary decision to pause online shopping, however, stores have remained resilient,” Marks said in an official statement.
The company confirmed that some personal customer data was stolen in the breach, including names, dates of birth, addresses, and phone numbers, though it clarified that no usable payment or card details or account passwords were accessed.
The ransomware attack, which began around Easter, has also affected contactless payments, recruitment systems, and other digital operations. Marks estimates the impact on its annual group operating profit to be around £300 million, a figure it hopes to reduce through cost management, insurance claims, and other trading actions.
Despite the incident, the company reported operating profit before adjusting items of £985 million for the financial year ending in March. However, following the announcement, Marks’ share price fell by 2.5% at the start of trading in London.
The retailer has since reported the attack to the relevant government agencies and law enforcement, and investigations are ongoing.
The cyberattack on Marks follows a wider wave of ransomware incidents targeting UK-based retail brands, including Harrods and the Co-op, highlighting growing concerns over digital security in the retail sector.
