13 May 2025
Marks & Spencer has confirmed that personal customer data was stolen during a cyber attack that has disrupted operations for over three weeks.
While the retailer assured customers that no payment details, passwords, or card information were compromised, and there is no sign the data has been shared, the attack has forced M&S to halt online orders, pause popular meal deals, and contend with stock shortages.

The incident, believed to involve ransomware and potentially a £10 million ransom demand, highlights the growing threat of cybercrime.
The breach should serve as a wake-up call for independent retailers, many of which will lack the levels of robust cybersecurity infrastructure that large retail chains have in place and therefore even more vulnerable to similar attacks.
Cyber & Data Insurance is more important than ever...
With cyber crime a growing risk for independent businesses, getting protection from the potential damage that can be caused is vital.
Stay updated and in-the-know with our Cyber Security hub
Access guidance on how best to protect your business from cyber threats and cyber attacks, tailored for independent retailers.
Related News
-
Reduction in knife enabled crime a "positive step", says Bira
Knife-enabled robberies have fallen in some of the most affected areas of England, reports the Government.
-
Bira calls for stronger action as shop theft reaches record high
Shoplifting increases by 20% to highest level since current recording began.
-
Bira supports ShopKind campaign to tackle abuse of shopworkers
The Association of Cycle Traders (ACT) has welcomed the All-Party Parliamentary Group for Cycling and Walking's report "Unregulated and Unsafe: The Threat of Illegal E-Bikes".