M&S website down as retailer endures lengthy recovery from cyber attack
22 May 2025, 06:14
The store halted orders on its website and saw empty shelves after being targeted by hackers around the Easter weekend.
The Marks & Spencer website is down for customers as the retailer endures a lengthy recovery from a cyber attack.
Visitors to the M&S website are greeted with the message: “Sorry you can’t browse the site currently. We’re making some updates and will be back soon.”
The site is otherwise unable to be used.
The BBC reports the site may be undergoing routine maintenance.
M&S has been contacted for comment.
M&S halted orders on its website and saw empty shelves after being targeted by hackers around the Easter weekend, and customer personal data, which could have included names, email addresses, postal addresses and dates of birth, was also taken by hackers in the attack.
The retail giant said on Wednesday that “human error” had caused the attack, which is set to cost the firm around £300 million, and chief executive Stuart Machin confirmed disruption could last until July.
It came as the company reported a higher-than-expected adjusted pre-tax profit of £875.5 million for the year to March, up 22.2% on the previous year.
Robert Cottrill, technology director at digital firm ANS, said it was “vital” M&S took its time to get system recovery right, in order to ensure security and prevent future incidents.
“M&S appears to be taking the appropriate and necessary steps following the cyber attack, with a likely focus on restoring core systems and recovering critical data,” he told the PA news agency.
“The extended disruption may well be a result of attackers having targeted key infrastructure, which takes time to fully assess, secure and restore.
“Given the scale and complexity of M&S’s globally connected operations, the recovery process is understandably meticulous, with multiple interconnected systems requiring scrutiny.”
“It’s essential that M&S prioritises a secure and complete recovery over a rapid one. Rushing to bring systems back online without full assurance of their integrity could risk further compromise.
“Ensuring robust security at every layer before resumption is not just sensible – it’s vital.
“The major disruption and sales loss M&S has seen following the incident serve as a powerful reminder to all organisations: cybersecurity must be treated as a board-level issue. No business is immune to cyber threats, and those with complex digital ecosystems are particularly vulnerable.
“Effective incident response plans, regular testing and collaboration with cybersecurity experts are critical to minimising disruption.
“But more than that, a proactive approach that includes threat detection, security-by-design principles, and employee awareness is the best defence against increasingly sophisticated attacks.”
