Technology reporter & cyber correspondent

Marks and Spencer (M&S) customers have been telling the BBC of their frustration as disruption caused by the cyber attack which has hit the retailer continues into another trading week.
The incident – which it disclosed last Monday – has caused delayed parcels, paused online orders and suspended gift card payments, and has seen the retailer take down several parts of its operations over the last few days.
It has yet to disclose the nature of the cyber attack or when it expects operations to return to normal. Some customers told the BBC that M&S’ communication over affected orders has been “disappointing”.
Analysts warn the incident may affect the retailer’s reputation.
Its share price fell by 2.5% in morning trading on Monday and is down almost 10% over the past week.
Customers have been telling the BBC of the impact the situation is having on them.
Linda Sonntag, who lives in Norwich, told the BBC she was left “disappointed” after a flower delivery arranged for a friend never arrived.
She told the BBC she was still awaiting a refund and an email with information about her order.
“In the meantime I’ve had to order flowers from somewhere else,” she said.
“I don’t blame them, they’ve had a cyber attack,” Ms Sonntag added.
“But I don’t think their attitude towards their customers is very helpful.”
Dawn Cunnington, of Exeter, agreed the company was not to blame, but said she had no communication from M&S about her own flower order not being fulfilled.
She had ordered flowers on Wednesday, on behalf of her 91-year-old mother, for her mother’s friend, who was celebrating their 90th birthday.
“I’d had nothing from them until I phoned up,” she told the BBC.
Ms Cunnington said she received a refund and a £10 apology voucher after calling M&S to find out what happened to the flowers, but was “a bit cross” they had allowed her to place the order in the first place, given it was aware of the cyber incident.
Other customers have described having to cancel orders for clothes which they were expecting to collect before going on holiday, or being unable to return goods they had previously bought.
But some have expressed sympathy for the staff at the stores, who they say have been on the receiving end of abuse from angry customers, or have had to deal with shopping abandoned at the tills when customers were unable to pay while contactless payments were down.
Working round the clock
M&S remains silent on how the cyber attack unfolded, the nature of the attack and how specifically it has been affected by it – leaving cyber security experts to speculate as to what might have happened.
It is known it has hired external cyber security experts, who are likely to be a team of incident response specialists who will be working around the clock either at the headquarters of the company or remotely.
Their first priority is likely to be to find out where the hackers are in the IT system and kick them out.
Switching off computer servers used in their online ordering, payment or logistics systems might imply that security teams have isolated that portion as a way the hackers gained entry.
They might also have taken these offline to stop the hackers from spreading their malicious software into those previously unaffected areas.
It might also be the case that the company is taking all non-business critical services offline to help deal with the hack.
“In situations like this, in-store services are typically prioritised for recovery, which can mean online operations take slightly longer to restore,” said Sam Kirkman, a director at cyber-security firm NetSPI.
He told the BBC that while M&S taking steps like pausing services may make the incident seem “even more serious from the outside,” they would allow staff to contain any potential threats and begin recovery safely.
Reputational risk
About a third of M&S’s clothing and household goods sales in the UK are through its online platforms and were worth some £1.268bn in its latest published financial results.
Susannah Streeter, head of money and markets at Hargreaves Lansdown, said even though M&S’s physical stores were still open, many of them “simply don’t stock the popular ranges from online”.
She added clothes sales were “likely to take a big hit” as the cyber-attack had occurred during a spell of warm weather when summer ranges would be “piling up in virtual baskets”.
Dan Coatsworth, investment analyst at AJ Bell, said M&S’s success was “built on trust” – and this was something customers may question after it suspended online orders.
“The longer it takes to draw a line under the cyber incident, the greater the risk to Marks & Spencer’s reputation,” he told the BBC.
“Shoppers want to know that their personal and financial details are safe when buying goods online and Marks & Spencer failing to give the all-clear implies that something is very wrong at its end.”
Additional reporting by Michael Race