A Cyberattack Results In A £300 Million Loss For UK Retailer Marks & Spencer
On Wednesday, British clothing and food retailer Marks & Spencer revealed that a cyberattack disrupting its online services will likely persist until July and cut the group’s profit by approximately £300 million ($404 million).
Cyberattack Disrupts Online Operations, Hits Sales in Key Divisions
Last week, Marks & Spencer disclosed that a cyberattack had compromised some customer personal data and severely disrupted its online services for several weeks.
The company stated that the necessary suspension of online shopping has significantly affected online sales and trading profit in its Fashion, Home & Beauty divisions, though physical stores have continued to perform well.
They added that the disruption will likely continue through June and into July as the company gradually resumes and ramps up its online operations.
The retailer estimated that the cyberattack will reduce annual group operating profit by around £300 million, but it noted that cost management, insurance claims, and other commercial measures will partially offset this impact.
This update coincided with Marks & Spencer reporting an operating profit before adjustments of £985 million for the financial year ending in March.
Ransomware Attack Sends Shares Down and Disrupts Core Operations
Following the announcement, Marks & Spencer’s share price fell by 2.5 percent at the opening of trading in London.
Since Easter, a ransomware attack has severely disrupted the company’s operations, forcing it to halt online sales, disable contactless payments in stores, and suspend recruitment activities.
Marks & Spencer stated that the stolen data may include names, birthdates, addresses, and phone numbers. However, it confirmed that the ransomware attack did not compromise any ‘usable payment or card information’ or account passwords.
The company has reported the incident to the appropriate government bodies and law enforcement agencies.
Dan Coatsworth, an investment analyst at AJ Bell, pointed out that a major uncertainty remains regarding possible fines from the UK’s Information Commissioner’s Office, which oversees data protection regulations.
Based on how such fines are calculated and the scale of previous penalties issued for similar breaches, Coatsworth estimated that Marks & Spencer could face an additional financial impact of around £550 million.
Criminal Investigation
Britain’s National Crime Agency (NCA) told the BBC that it is investigating a series of cyberattacks, including incidents targeting luxury retailer Harrods and the Co-op food chain.
Paul Foster, head of the NCA’s national cybercrime unit, stated in a BBC documentary, “We are examining the group known publicly as Scattered Spider, though we’re also exploring several other lines of inquiry.”
According to the BBC, the attacks have been executed using DragonForce, a platform that equips criminals with tools to launch ransomware attacks.
Although the cyberattack on Marks & Spencer caused significant disruption, CEO Stuart Machin referred to it as merely “a bump in the road.”
“It’s been a tough period,” he acknowledged, “but it’s just a moment in time. Our focus is now on recovery, with the goal of emerging from this even stronger.”
Read the original article on: Tech Xplore
Leave a Reply