Marks & Spencer disclosed that a cyberattack, which will disrupt the retailer for months, occurred after hackers used social engineering to breach a third-party contractor's systems, bypassing M&S's direct digital defenses. CEO Stuart Machin noted the attackers employed sophisticated techniques after gaining access, leading to the halting of online sales, which are not expected to be fully restored until July. The investigation is focused on a group of young, English-speaking hackers, with M&S having increased its tech spending to bolster defenses.
Marks & Spencer (MKS.L) has confirmed a significant cyberattack, initiated through social engineering tactics targeting employees at a third-party contractor, thereby circumventing M&S's direct digital defenses. This breach, first disclosed on April 22, is anticipated to cause operational disruptions for several months, notably with the critical online sales channel not expected to be fully restored until July. Chief Executive Stuart Machin emphasized the sophisticated nature of the attack and acknowledged that despite M&S having trebled its technology spending over the past three years to bolster defenses, vulnerabilities via third-party vendors represent a pervasive threat. The company reportedly detected the intrusion within a "short" timeframe, quicker than the industry average of 10 days, and is actively working to restore affected systems, having already scanned approximately 600. The incident underscores the persistent and evolving nature of cyber threats, even for large retailers like M&S with nearly £14 billion in annual sales. The negative sentiment (-0.6 for MKS.L) and cautious tone associated with this event reflect the market's concern over the operational and potential financial impact, though the CEO declined to comment on any ransom demands.
AI-powered research, real-time alerts, and portfolio analytics for institutional investors.
Overall Sentiment
Negative
Sentiment Score
-0.40
Ticker Sentiment
