Marks & Spencer anticipates a £300 million hit to its operating profits for the 2025/26 financial year due to an ongoing cyberattack, which has caused significant disruption to its operations and online sales. Despite the challenges, CEO Stuart Machin emphasized the company's commitment to recovery and long-term growth, viewing the incident as an opportunity for transformation. Customer data was compromised in the attack, attributed to the ransomware group Scattered Spider, although sensitive payment information was not affected.

Marks and Spencer has restored its Click & Collect service after a cyberattack disrupted multiple services for over three months. While many core offerings are back online, some limitations remain, and the company faces significant financial losses due to the attack. Four suspects have been arrested in connection with the incident.

Marks & Spencer is experiencing significant disruptions due to a ransomware attack linked to the threat group known as Scattered Spider. The cyberattack, which began with the theft of sensitive data, has impacted the company's payment systems and operations, leading to the involvement of cybersecurity firms for response and investigation. Scattered Spider, recognized for sophisticated social engineering tactics, has escalated its activities and recently targeted multiple organizations.

Marks & Spencer has resumed online orders 46 days after a cyberattack, initially offering select fashion ranges to customers in England, Scotland, and Wales. However, full service is not yet restored, with standard shipping delays and certain delivery options still unavailable. The company faces significant financial impacts from the attack, estimating a £300 million loss in operating profits for the next year.