Cyberattack ate up profits for first half of year, retailer M&S says

Marks & Spencer (M&S), the well-known British retailer, saw its profits nosedive to just £3.4 million ($4.4 million) in the first half of 2025, a dramatic fall from £391.1 million ($510 million) during the same period the previous year. The steep decline came as a direct result of a major cyberattack in April, which severely disrupted the company's online sales operations for several months. CEO Stuart Machin described the first half of the year as an “extraordinary moment,” but reassured that the company is now “getting back on track” following the incident. The cyberattack forced M&S to take drastic measures, including disconnecting its warehouse management systems and online ordering processes to contain the damage. While home delivery orders were able to resume in June, the popular "click and collect" service—which allows customers to order online and pick up items in-store—only returned in August. By the time the company released its earnings report, nearly all operational systems had been restored, marking significant progress toward recovery. Previously, M&S had forecasted that the cyberattack would cost them around £300 million ($395 million) in profits, so the final figures, while still severe, were somewhat less devastating than initially feared. The financial blow was somewhat cushioned by an £100 million ($130.4 million) insurance payout, which helped soften the revenue loss. The attack itself is believed to be linked to the Scattered Spider hacking collective, a group also suspected of targeting other prominent UK retailers such as Co-op and Harrods. In July, authorities arrested four suspects in connection with these cybercrimes, including one teenager. These events are part of a worrying trend of cyberattacks against major British retail companies, which have caused significant operational disruptions and financial damage. Interestingly, some competitors like Next have actually benefited from M&S’s troubles, reporting a 7.6% increase in sales recently, attributing part of their growth to “competitor disruption.” This shift highlights how cyber incidents at a major player can ripple across the market, reshaping consumer behavior and competitive dynamics. The incident underscores the increasing vulnerability of retail businesses to sophisticated cyber threats and highlights the critical importance of robust cybersecurity measures. M&S's experience serves as a cautionary tale for the industry, emphasizing the need for swift incident response and ongoing investments in technology resilience to mitigate the risks posed by cybercriminal groups.