Marks and Spencer's first-half statutory profit before tax was nearly eliminated, falling from £391.9m to £3.4m, and adjusted profit more than halved to £184m, primarily due to a cyber attack. The incident incurred direct costs of approximately £136m, partially mitigated by a £100m insurance claim, and severely impacted sales as online systems were unavailable for months following a ransomware breach via a third-party contractor. This event underscores the significant operational and financial vulnerabilities major retailers face from sophisticated cyber threats.
Marks and Spencer (M&S) experienced a near wipeout of its first-half statutory profit before tax, which fell from £391.9m to £3.4m, directly attributable to a cyber attack. Adjusted profit before tax also more than halved, declining from £413m to £184m, reflecting significant financial damage. Direct costs associated with the incident totaled £136m, although £100m is being claimed back through insurance. The attack, executed via a third-party contractor, severely disrupted M&S's online sales capabilities, with systems offline from April into June and click-and-collect functions not restored until August. This prolonged operational outage was a primary driver of the sales and profit decline. The incident underscores critical supply chain cybersecurity vulnerabilities within the retail sector. This event is part of a broader trend, with other major UK businesses like The Co-Op and Jaguar Land Rover also experiencing similar disruptions. The M&S case highlights the escalating financial and operational risks posed by sophisticated cyber threats to large enterprises. The substantial unrecoverable costs and extended recovery period indicate potential deficiencies in current cybersecurity resilience.
AI-powered research, real-time alerts, and portfolio analytics for institutional investors.
Request a DemoOverall Sentiment
strongly negative
Sentiment Score
-0.85
