'Cyber Incident' Addressed by Well-Known British Retailer Marks & Spencer

Marks & Spencer has been managing a cyber issue over the past few days, which the company announced yesterday.

They shared an update on the London Stock Exchange website stating they had to make some "small and temporary changes" in store operations to protect their business and customers.

With the help of outside experts, Marks & Spencer has begun an investigation and is working on strengthening the security of their network to keep serving their customers efficiently.

This well-known British retailer, headquartered in London, offers a variety of products including clothes, beauty items, home goods, and food. Despite the recent "operational changes," their physical stores are still open, and their website and app continue to function normally.

While specific details about the cyber issue or its origin have not been disclosed, Marks & Spencer has notified the Information Commissioner's Office (ICO) and the National Cyber Security Centre (NCSC) about the situation.

Affected customers received an email echoing the update on the London Stock Exchange website. The message reassured customers that no immediate action is needed from them and promised to provide updates if things change.

The email also mentioned potential minor delays in "Click and Collect" orders, assuring customers that efforts are underway to minimize these delays.

Javvad Malik, who is a lead security awareness advocate at KnowBe4, commented to Dark Reading that the interruptions to Click and Collect services and contactless payments highlight how technical issues can impact the entire organization.

Malik praised Marks & Spencer for informing the ICO promptly and being transparent about the incident, while also noting that the situation points to possible weaknesses in their cyber resilience and crisis management approach.

As of now, no individual or group has claimed responsibility for the cyber issue.