Marks & Spencer (M&S) has disclosed that it’s responding to a cyberattack over the previous few days that has impacted operations, together with its Click on and Acquire service.
The corporate is a British multinational retailer identified for promoting numerous merchandise, together with clothes, meals, and residential items. Marks & Spencer operates over 1,400 shops and employs 64,000 staff globally.
The corporate confirmed the cybersecurity incident in a press launch on the London Inventory Trade, stating that they’re working with cybersecurity specialists to handle and resolve the scenario.
“Marks and Spencer Group plc (the Firm, or M&S) has been managing a cyber incident over the previous few days,” reads the M&S assertion.
“As quickly as we turned conscious of the incident, it was essential to make some minor, short-term adjustments to our retailer operations to guard prospects and the enterprise and we’re sorry for any inconvenience skilled. Importantly, our shops stay open and our web site and app are working as regular.”
“The Firm has engaged exterior cyber safety specialists to help with investigating and managing the incident. We’re taking actions to additional defend our community and guarantee we are able to proceed to take care of customer support.”
M&S didn’t present particular particulars on the character of the cyber incident however stated it notified the info safety supervisory authorities and the Nationwide Cyber Safety Centre.
Whereas M&S shops, its web site, and its app stay operational, the corporate says that the cyberattack has induced some disruption to its operations.
This contains delays in its Click on and Acquire order system, telling prospects to attend for an e-mail stating an order is prepared for decide up earlier than coming to the shop.
In an e-mail despatched to affected prospects, M&S apologized for the inconvenience and guaranteed prospects that efforts have been underway to resolve the problems and resume common service.
No ransomware gangs or different menace actors have claimed accountability for the assault, and sure will not for fairly some time, as they strain the corporate into paying an extortion demand.
Nonetheless, if ransomware is behind this assault, knowledge is probably going stolen and will likely be used as additional leverage to persuade the corporate to pay.
BleepingComputer contacted Marks & Spencer with questions in regards to the assault and can replace the story if we obtain a reply.
