Marks & Spencer, a major retailer based in the UK, has confirmed that it is addressing a cybersecurity incident, following reports of disruptions and outages from customers. In a statement observed by TechCrunch, the company informed its customers on Tuesday that it has been handling a cyber incident for several days. This message, signed by Chief Executive Stuart Machin, explained that certain operational changes have been enacted to safeguard customers and the business.
The retailer assured that its stores are still open, and its website and app continue to function as usual. The specifics of the cyberattack or any potential impact on customer data remain unclear at present. A spokesperson for Marks & Spencer did not provide immediate comments when contacted by TechCrunch.
In a formal announcement with the London Stock Exchange, Marks & Spencer stated that it has involved external cybersecurity specialists to investigate the matter and has notified relevant data protection authorities.
A customer mentioned to TechCrunch that payment card terminals were not operational in-store. Additionally, several customers on social media reported similar issues at different locations, also experiencing disruptions to order pickups.
In a response to one customer query on X, Marks & Spencer acknowledged that it is making considerable efforts to address the technical problems occurring in stores.
According to its 2024 annual report, Marks & Spencer serves approximately 32 million customers annually.
