Skip to main content

M&S cyber-attacks: impact and revelations

10th June 2025

Catch up with our previous article on the retail hacks and find out what we have learnt since.

Do you remember in April when we saw a string of cyber attacks on retailers? Harrods, Co-op and Marks & Spencer were all impacted, with the later being hit worst of all. Well, since then, there have been a few revelations about the attacks that we wanted to make you aware of:

Impact: M&S has reported lost more than £40 million in sales each week since the attack first occurred. Some stores were left with empty shelves as they lacked the ability to order what they needed with online services shut down to avoid further breaches.

In fact, most of M&S’s online capabilities have been shut down since the attack, with their online shop offline, leading to a significant loss of sales. Overall, M&S dropped around £1.3 billion in market value and, while some elements of their IT have recovered, they are still recovering.

How it happened: it is believed that the attack occurred because hackers gained access through a third party. What that means it, M&S were not directly breached, but instead a person or organisation who also had access to their systems was to blame. If this was a supplier, a partner, or individual is yet to be seen.

The criminals: though it was believed that DragonForce, a cyber-crime service that offers hacking services in exchange for a cut of any ransoms collected, we didn’t have that confirmed until recently.

The hackers reached out directly to Joe Tidy, a cyber correspondent at the BBC, and it became clear that DragonForce were the likely culprits (though they are criminals, so it may be completely untrue).

Interestingly, Tidy notes that the hackers sent a “long angry and offensive letter and Co-op’s response to their hack and subsequent extortion”: in short, these criminals were frustrated that Co-op reacted so fast and avoided a worse breach.

Evidently, Co-op had some sort of plan in place for if an attack occurred, or at least someone on staff with the knowledge and nerve to react decisively when the hack first started. Nobody is invulnerable from cyber breaches, but how you defend and react makes a massive different, which is why Co-op is in a much better state than M&S.

If you think your business could be equally at risk, talk to Interfuture Security for advice and guidance.

https://www.bbc.co.uk/news/articles/cpqe213vw3po

https://www.bbc.co.uk/news/articles/cgr5nen5gxyo

Back to top