In April 2025, Marks & Spencer (M&S), one of the UK’s most prominent retailers, faced a significant cyberattack that disrupted operations and highlighted the vulnerabilities in retail cybersecurity.
It’s now been a few days and the Cyber Attack is still disturbing their operations, with the business being unable to accept online orders and their loyalty card, Sparks Cards, unable to be used in store.
Key Details of the Cyberattack:
- Perpetrators: The attack was attributed to the hacking group Scattered Spider, comprising individuals from the UK and US.
- Method: Utilising ransomware, the attackers encrypted critical systems and exfiltrated sensitive data.
- Ransom Demand: While M&S has not confirmed the exact amount, reports suggest a ransom demand of approximately £10 million.
Impact on M&S Operations:
- Online Services: All online and app-based orders were suspended, affecting a significant portion of M&S’s clothing and homeware sales.
- In-Store Disruptions: Customers experienced issues with contactless payments and Click & Collect services.
- Workforce: Approximately 200 agency staff at one of their Distribution Centre were sent home due to operational disruptions.
- Financial Repercussions: The company’s market valuation dropped by nearly £700 million, with shares falling by 7%.
The Importance of Cyber Insurance
This incident underscores the critical need for robust cybersecurity measures and the role of Cyber Insurance in helping to protect and support the recovery of your business:
- Risk Mitigation: Cyber insurance can help cover losses from business interruptions, data breaches, and ransom payments.
- Reputation Management: Insurance can assist in managing public relations and restoring customer trust post-incident.
- Regulatory Compliance: Policies often provide support in navigating legal obligations and potential fines.
As cyber threats become increasingly sophisticated, businesses must prioritise cybersecurity and consider comprehensive cyber insurance to safeguard their operations and reputation.
Get in touch with our team to discuss Cyber Insurance, call 0117 947 9510 or complete our enquiry form and we’ll be in touch as soon as possible.