In This Article:
Disruption from the cyber attack at Marks & Spencer could drag on for weeks, it is understood.
The retailer is racing to rebuild, repair and replace IT systems as it grapples with the fallout from a ransomware attack that hit almost a fortnight ago.
However, IT disruption could continue for weeks, sources suggested. Some systems, including its online clothing and homeware orders, are believed to be much more difficult to bring back to normality.
On Thursday, customers complained they were still facing empty shelves in food halls, while online orders remained down for a seventh day.
M&S is understood to have started rolling out new systems in a bid to rapidly restock food halls after ahead of the bank holiday weekend.
A spokesman for M&S said: “The whole team continues to work hard to minimise disruption for customers and our stores are open and ready to welcome them.
“As soon as we have any update, including on timescales, our customers will be the first to know.”
The warning over further disruption comes almost two weeks after issues first emerged. The retailer pulled click-and-collect options for customers and stopped people from paying with contactless cards over the Easter weekend.
Since then, it has also been forced to stop accepting online orders and the company has also stopped recruitment.
As of April 22, M&S’s website showed it was recruiting for 232 roles across its stores, warehouses and offices. Now, the company – which employs around 65,000 people – says it has no open jobs.
In a banner on its job website, M&S says: “Sorry, you can’t search for or apply for roles right now. We’re working hard to be back online as soon as possible.”
The spokesman added: “While we proactively manage the cyber incident, we are temporarily pausing some of our normal processes so we can continue to work hard on offering the best M&S for our customers and colleagues. Job adverts will be up again in due course.”
Last week, M&S confirmed it had been hit by a cyber incident, although suggested it was hoping disruption would be temporary. However, it has struggled to get systems back online.
The attack is understood to have been a ransomware attack, which is where criminal gangs infiltrate a victim’s computer systems and use a virus to lock the system before demanding payment to unlock it.
Attacks also often threaten to release information on the dark web.
The National Cyber Security Centre (NCSC), which is working with M&S, advises that companies do not pay ransoms.
M&S has also called in Metropolitan Police detectives and the National Crime Agency, as well as cyber experts from Silicon Valley security company CrowdStrike.