Giant British retailer Marks & Spencer (M&S) is expected to lose more than $400 million due to a cyberattack that disrupted business operations.
In a new note to investors, M&S says that the company believes the cyberattack will reduce profits in the fiscal years 2025-2026 operating budget by $403 million, “before cost mitigation, insurance and trading actions.”
-->Says M&S CEO Stuart Machin,
“Over the last few weeks, we have been managing a highly sophisticated and targeted cyber-attack, which has led to a limited period of disruption. We have tackled this head on with incredible spirit, teamwork and deep sense of responsibility as we prioritized serving our customers…
As a team, we have worked around the clock with suppliers and partners to contain the incident and stabilize operations, taking proactive measures to minimize the disruption for customers.”
Machin also says sales disruptions due to the cyberattack, which the company announced on April 22nd, may continue for the next two months.
“In Fashion, Home and Beauty, online sales and trading profit have been heavily impacted by the necessary decision to pause online shopping, however stores have remained resilient. We expect online disruption to continue throughout June and into July as we restart, then ramp up operations.”
The M&S cyberattack allowed the cybercriminals to obtain sensitive personal information from the retailer’s customers, including contact details, date of birth and online order history.
The incident appears to be connected with a broader operation by a hacking group known as “DragonForce,” which has also claimed responsibility for a breach of the Co-op Food grocery chain, also in the UK.
Follow us on X, Facebook and Telegram
