Home Innovation Payment and Card Cyberattack Hits Marks & S...

Cyberattack Hits Marks & Spencer, Disrupts Payments and Online Order Services

Payment and Card

Business Honor
24 April, 2025

M&S assures no customer payment data breached amid ongoing cybersecurity investigation.

British high-street chain Marks & Spencer has confirmed a cyberattack that disrupted contactless payments and slowed online order collections in its UK stores. The problem started at the weekend, impacting customers' use of contactless cards and picking up online orders.

Notwithstanding the disruptions, M&S had assured customers that their personal data was safe and that there had been no indication of data breaches. The firm has reported the incident to the National Cyber Security Centre and is working with cybersecurity specialists to determine and contain the issue.

Following the incident, M&S instituted temporary measures altering store operations in order to keep customers and business safe. As physical stores remain open, as well as the website and app operating at normal levels, the retailer works hard to remedy the payment malfunction and return service to full functionality.

Shoppers complained on social media about struggling with contactless payments and collecting online orders. One Plymouth shopper said they could not pick up an online order, while another in London said no pickups or returns were available at their store.

This attack is one of a larger pattern of cyberattacks against UK companies. Recent high-profile examples include Transport for London, Royal Mail, and WH Smith cyber incidents. A 2022 government report showed that 40% of UK companies had suffered a cybersecurity incident in the previous year.

M&S reaffirmed its commitment to customer trust and said it would give notice if circumstances were altered. The company is making proactive efforts to secure its network and maintain the continuity of its services.