Food, clothing and homeware retailer Marks & Spencer (M&S) is working around the clock to recover from a significant cyber-attack that has wiped almost £750 million off its value. Two other retailers, the Co-op and Harrods, recently reported similar attacks that forced them to temporarily shut down parts of their IT systems. These attacks are a stark reminder of the potential vulnerabilities in digital systems and the importance of robust cyber-security measures.
National Cyber Security Centre (NCSC) CEO Dr Richard Horne said, “These incidents should act as a wake-up call to all organisations. I urge leaders to follow advice on the NCSC website to ensure they have appropriate measures in place to help prevent attacks and respond and recover effectively.”
About the M&S Cyber-attack
M&S first reported problems over the Easter weekend when it experienced issues with click-and-collect orders and contactless payments. By Tuesday, 22nd April, the retailer had confirmed it had experienced a cyber-incident and was forced to stop taking online and phone orders. Although the breach did not involve customer data, its operational and financial impact could take months to recover from. In fact, the fallout from the incident is costing M&S £15 million weekly, according to Deutsche Bank analysts, and the retailer’s share price has plummeted.
Although it’s not known who is responsible for the attack, a hacking collective known as Scattered Spider is thought to be involved. The incident stemmed from a ransomware attack that leveraged social engineering techniques to reset an employee’s password, which was then used to breach the network.
Following the attack, the NCSC urged organisations to review their IT help desk password reset processes to reduce their chances of getting hacked. In particular, help desks should reassess how they authenticate staff members and consider having a code word for employees to use when they make contact to change their credentials.
The police and the National Crime Agency are working with M&S to investigate the cyber-attack, and further details may be made available in due course.
Next Steps
In light of the recent cyber-attacks on retailers, organisations across sectors should review their cyber-hygiene measures to reduce the likelihood of falling victim to similar breaches. Additionally, robust cyber-insurance and business interruption cover can help protect companies financially against cyber-threats.
Contact us today for additional risk mitigation measures and insurance solutions.