Cyberattack on Marks & Spencer slices profits by more than a half - WTOP News

British retailer Marks & Spencer (M&S) faced a severe blow to its financial performance after a cyberattack forced the company to halt its online business. For the six months ending September 27, M&S reported that its underlying pretax profits plunged 55.4%, falling to 184.1 million pounds, or roughly $240 million. This drastic decline was largely due to a 40% drop in online sales for its home and fashion divisions, a direct consequence of the disruption caused by the cyberattack. The incident, which occurred around Easter weekend, forced M&S to stop taking any online orders for about six weeks. This not only impacted online retail but also disrupted the company’s logistics, causing empty shelves in stores. While food sales remained relatively stable and helped cushion some of the damage, the hit to fashion and home products was particularly severe. The fashion segment saw overall sales slide 16.4%, with online sales tumbling almost 43% during the first half of the year. M&S revealed that the cyberattack was triggered by human error. The financial cost was heavy: the company lost about 324 million pounds in sales but was able to recoup 100 million pounds through an insurance claim. Despite this, the attack is expected to affect profits by approximately 136 million pounds, including a projected 34 million pounds loss in the final six months of the year. What made this breach notably serious was the theft of customers’ personal data, potentially including names, email addresses, postal addresses, and dates of birth. This aspect raises concerns about the wider impact beyond immediate sales losses. Stuart Machin, the CEO of M&S, described the first half of the year as an "extraordinary moment in time" but confirmed the company is now working to get back on track. Following the attack, M&S gradually resumed operations, restarting home deliveries in June and click and collect services in August. The company reports improvements in online sales but admits that the recovery pace varies across sectors, with food bouncing back faster than fashion, home, and beauty products. Analysts like Dan Coatsworth from AJ Bell warn that the summer disruption could have lasting effects, as rivals like Next attracted customers during M&S’s downtime, and some may not return quickly. M&S is not alone in suffering cyberattacks recently; other British retailers, including luxury department store Harrods and the Co-op, have also been targeted. Authorities are investigating these incidents to determine if any connections exist. Experts from the UK’s National Cyber Security Centre and others warn that advances in generative artificial intelligence are escalating cyber threats, urging businesses and individuals alike to strengthen their cybersecurity defenses. Despite the setbacks, M&S remains cautiously optimistic about full recovery by the end of its financial year, even though the path ahead looks challenging, especially for its fashion and home divisions. The attack has underscored the vulnerabilities of modern retail operations to cyber threats and the need for robust risk management strategies in an increasingly digital marketplace.