Marks & Spencer website crashes again after cyberattack: customers see only update message

22 May 2025 , 07:52
879     0
Marks & Spencer website crashes again after cyberattack: customers see only update message
Marks & Spencer website crashes again after cyberattack: customers see only update message

Just a day after an executive said disruptions from a cyber attack will last until July, the Marks & Spencer website is down for customers again.

Visitors to the M&S website are greeted with the message: ‘Sorry, you can’t browse the site currently. We’re making some updates and will be back soon.’

The BBC has reported that the site may be undergoing routine maintenance, but questions have been raised after the recent cyber incident.

M&S halted orders on its website and stores had empty shelves after being targeted by hackers around the Easter weekend.

The hackers accessed customer personal data, which could have included names, email addresses, postal addresses and dates of birth.

The retail giant said on Wednesday that ‘human error’ caused the attack, which will cost the firm around £300 million, and chief executive Stuart Machin confirmed disruption could last until July.

Despite recent issues, M&S reported a higher-than-expected adjusted pre-tax profit of £875.5 million for the year to March, up 22.2% from 2024.

Joe Jones, CEO of the cybersecurity attack simulation company Pistachio, previously explained to Metro that while the upmarket retailer seems like a rogue choice for hackers to go for, it makes a lot of sense.

‘M&S is a household name with a vast and loyal customer base, which makes it a high-value target for cybercriminals,’ he told Metro.

‘Large retailers hold enormous amounts of personal data, everything from names and addresses to detailed purchase histories. That kind of data is gold dust for attackers running social engineering scams or looking to sell verified profiles on the dark web.’

M&S, like many retailers, isn’t just a brick-and-mortar store. It’s websites, mobile apps, marketing emails and delivery services that amount to more ‘digital touchpoints that can be exploited’.

‘It’s not necessarily that M&S was uniquely vulnerable; rather, it’s a classic case of “big brand, big data, big target”,’ he added.

None of the victims of the breach has revealed the details of how crooks jimmied open their systems. The National Cyber Security Centre said that officials aren’t sure if the attacks are linked.

Editorial Team

Sophia Martinez

World Affairs Correspondent

Cyber Hacker, Cyber attack, Marks & Spencer

Read more similar news:

07.01.2023, 23:27 • News
PC and Mac users warned over 10 'red flags' you're being spied on
30.01.2023, 11:25 • Finance
JD Sports warns 10million customers may have had data stolen after cyber attack
28.03.2023, 12:21 • Tech
Check your Gmail inbox now and delete dangerous emails that are stealing data
18.04.2023, 23:01 • Crime
Russian hackers 'trying to black out Britain' by targeting power stations
05.06.2023, 18:09 • News
Thousands of staff hit by major data hack at BBC, BA and Boots linked to Russia
08.08.2023, 11:49 • Politics
Millions hit in cyber attack on electoral roll that no one noticed for a year
09.08.2023, 08:39 • Politics
Russians blamed for cyber attack that put details of 40 million voters at risk
02.09.2023, 21:09 • More
Ex newsreader Angela Rippon among BBC stars targeted by Russian cyber attack
07.09.2023, 16:21 • World
Russian web gangsters named by UK and US for hacking hospitals during Covid
11.09.2023, 18:59 • News
Major casino resort firm hit by huge cyber attack as guests locked out of rooms