Marks & Spencer, a renowned British retailer, has temporarily halted its online ordering services as it grapples with an ongoing cyber incident. The decision to pause taking orders via the M&S.com website and app was announced in a social media post on April 25. It remains unclear when these services will be restored, causing inconvenience to customers who rely on online shopping from the retailer.
The retailer first confirmed the cyber incident three days prior, shedding light on the challenges they are facing in addressing the situation. While the specific reasons for pausing online orders were not disclosed, industry experts suggest that such actions could be part of the incident response strategy. In cases where backend services are affected, shutting down certain operations may be necessary to contain the breach and prevent further damage.
Matt Saunders, Field CTO at Adaptavist, emphasized the importance of taking down services to mitigate the impact of the intrusion. He mentioned that the decision, although bold, allows the company to assess the situation, gather evidence, and prevent additional harm from occurring. By focusing on stopping the intrusion and understanding the scope of the problem, M&S aims to safeguard their systems and protect customer data.
Initially, the cyber incident caused disruptions to contactless in-store payments and click and collect services. Jamie Moles, a Network visibility specialist at ExtraHop, highlighted the broader impact beyond just the website, suggesting that integrated backend systems and retail networks could also be affected. While contactless payments have been restored in most stores, click and collect services remain disrupted, impacting the overall customer experience.
As the situation unfolds, M&S reassured customers that they can still browse products online and that physical stores remain open for in-person shopping. However, the pause in online and app sales is expected to have a significant financial impact on the retailer. William Wright, CEO of Closed Door Security, expressed concerns about the potential loss in revenue, as online sales play a crucial role in M&S’s overall business performance.
Despite the disruption, M&S advised customers not to take any immediate action in response to the cyber incident. The company has engaged leading cybersecurity experts to manage the response and has notified the UK’s National Cybersecurity Center (NCSC) about the incident. Saunders emphasized the complexity of modern cyber threats and the importance of preserving evidence for law enforcement to facilitate a quicker resolution and return to normal operations.
In conclusion, Marks & Spencer’s decision to pause online orders reflects the seriousness of the cyber incident they are currently facing. While efforts are being made to address the breach and secure their systems, the temporary disruption in online services underscores the evolving nature of cybersecurity threats in today’s digital landscape. Customers are urged to stay informed and exercise caution during this challenging time for the retailer.