M&S Cyber Attack Crisis Wipes almost £700M off Market Value

Marks & Spencer has implemented emergency network restrictions, shutting down remote work systems as the retail giant battles what appears to be a devastating ransomware attack. The crisis has already cost the company over £700 million in market value and continues to paralyse critical business operations.

Company employees can still work remotely but face substantial limitations. According to The Times, M&S has disabled several programs used to access internal systems, a strategic move to contain the breach and prevent further damage.

Security analysts suggest the company may have cut off its virtual private network (VPN) connections, effectively isolating potential attack vectors while digital forensics teams work to regain control.

While M&S has yet to confirm the exact nature of the incident, The Telegraph reports the company is "being held to ransom by a criminal gang," indicating this may be a sophisticated ransomware attack rather than a simple data breach.

The financial impact has been immediate and severe. M&S shares dropped again Monday morning, extending losses that have already erased £700 million from the retailer's market value since the attack began.

Consumer-facing disruptions remain widespread. For the fourth consecutive day, M&S has suspended all online orders through both its website and mobile app. In-store operations continue to face limitations, though contactless payments have been restored after initial outages.

The attack has forced operational cutbacks beyond digital channels. On Monday, approximately 200 agency workers at the company's Castle Donington distribution centre, the main hub for clothing and homewares logistics, were told to stay home due to the collapse in order processing.

M&S has formally reported the incident to data protection authorities and the National Cyber Security Centre, suggesting potential customer data exposure may be among the company's concerns.

Financial analysts warn of lasting damage. Susannah Streeter, head of money and markets at Hargreaves Lansdown, characterised the online sales suspension as "hugely damaging for sales," particularly noting that the attack coincides with warm weather that typically drives summer fashion purchases.

"While other retailers have not been immune to IT breaches, the depth of Marks and Spencer's problems in resolving the issue are worrying, and it may take some time to win back some more warier shoppers," Streeter noted.

What remains unclear is how much sensitive data may have been compromised and what specific demands the attackers have made.