M&S stops online orders and issues refunds after cyber attack

Tom Gerken & Graham Fraser
Technology reporters

Marks & Spencer (M&S) says it has stopped taking online orders as the company struggles to recover from a cyber attack.

Customers began reporting problems last weekend, and on Tuesday the retailer confirmed it was facing a "cyber incident".

Now, M&S has entirely paused orders on its website and apps - including for food deliveries and clothes - and says it will refund orders placed by customers on Friday.

The firm's shares fell by 5% following the announcement before recovering.

"We are truly sorry for this inconvenience," the retailer wrote in a post on X.

"Our experienced team - supported by leading cyber experts - is working extremely hard to restart online and app shopping.

"We are incredibly grateful to our customers, colleagues and partners for their understanding and support."

It said its stores remain open despite the issues affecting online ordering.

Ongoing issues

Previously, the firm was dealing with problems which affected people using contactless payments, Click & Collect, as well as those paying with gift cards.

Since it suspended online ordering, M&S has responded to social media posts advising customers that these problems persist.

"Gift cards, e-gift cards and credit receipts can't currently be used as a payment method in store or online," it said in response to one person on X.

But it told another that if people have already received an email telling them an item is ready to be collected, they should be able to go into the store and pick it up.

"We're holding all parcels in store until further notice, so there's no risk of it being sent back," it said.

But some people have criticised the firm for its handling of the outage, particularly around its messaging to customers.

"After being told yesterday in the evening the problem with gift cards was sorted, went in store today and was sent away again," one person told the firm in a post on X.

They said it was the fourth day in a row they had tried and failed to use their M&S gift card.

Meanwhile, despite the frustrations, some people online have praised in-store staff over their service amid the problems, and called for customers not to take their frustrations out on workers.

But many still appear to have questions over how existing purchases, orders and returns will be impacted by the continued fallout from the cyber attack.

Online grocer Ocado, which sells M&S food on its platform, is unaffected by the problems as it runs on a totally separate system.

[Image: A screenshot from the M&S website's women's clothing section displays a clickable banner informing customers "we have paused online orders" and that "products remain available to browse online and stores are open". Credit: M&S]
The M&S website is now informing customers it has stopped taking online orders.

Online disruption

A spokesperson from the Information Commissioner's Office told the BBC it was "assessing the information provided" after M&S told it about the incident.

The firm previously said on Tuesday it had reported the incident to the National Cyber Security Centre (NCSC), and the National Crime Agency told the BBC it was working with the NCSC to support the firm.

In an update to investors on Friday, M&S said its decision to pause online orders in the UK formed part of its "proactive management" of the incident.

"The M&S team - supported by leading experts - is working extremely hard to restore online operations and continue to serve customers well," it said.

Amid the continuing fallout of this week's cyber attack, however, experts are speculating around what may be behind it.

Nathaniel Jones, vice president of Security & AI Strategy at cyber security firm Darktrace, said M&S halting online sales shows "the cascading impact these attacks can have on revenue streams".

"It demonstrates how quickly cyber incidents can cripple retail operations across both digital and physical channels," he said.

And William Wright from cybersecurity firm Closed Door Security said he believed it could have a "material impact" on the firm.

"Data shows almost a quarter of the store's sales happen online, so no matter how long this pause is put in place, it will hurt M&S financially," he said.

The retailer is the latest major name to experience significant disruption to its online services in recent months.

Morrisons faced huge problems with its Christmas orders last year, with deliveries cancelled and discounts not applied.

This was followed by two major banking outages on what was pay day for many in the first two months of this year.

In January, serious IT problems at Barclays affected the bank's app and online banking. It was later disclosed Barclays could face compensation payments of £12.5m.

In February, several banks - notably Lloyds - faced outages, leaving businesses unable to pay staff.

Additional reporting by Liv McMahon