M&S finally relaunch online clothes shop after data leak – here’s how to buy the best bits & it’s NOT via their website

June 4, 2025

IT’S the moment millions of fashionistas have been patiently waiting for – the return of Marks & Spencer.

The popular retailer has been dealing with chaos that began in April when cyber crooks launched a “highly sophisticated” attack that’s still causing carnage behind the scenes, hitting everything from online orders to in-store stock.

Woman wearing a white lace blouse and black flared jeans. — The mega retailer has finally relaunched online clothes shop after data leakCredit: EBay

Woman in a brown and black animal print swimsuit. — But thrifty fashionistas won’t find the bargains on M&S websiteCredit: EBay

Woman in green patterned midi dress and black shoes. — The cyber attack forced M&S to halt online orders and triggered widespread disruptionCredit: EBay

The cyber attack, which kicked off over Easter weekend, has been one of the worst to hit the high street in years.

It has forced M&S to halt online orders and triggered widespread disruption, including a £300million blow to profits.

Customer info was also nicked during the breach, with security experts now blaming “Scattered Spider”— a notorious cyber gang thought to be behind the chaos.

Online shopping is still out of action and is expected to remain patchy until at least July, with fashion, home and beauty sales taking a battering.

Last weekend, bosses said it could still take around “five or six weeks” until shoppers can carry out online clothing orders.

Some stores have even been stripped of staples like bananas and Colin the Caterpillar cakes, and popular meal deals were pulled in smaller branches.

But as M&S bosses still deal with the situation, the mega retailer has found a way to treat fashionistas – and it’s not on their website.

Those on the lookout for a new summer wardrobe will be delighted to hear that M&S has partnered with the online marketplace eBay.

Similarly to M&S official website, their eBay page boasts just about anything you’d need – whether it’s last-minute swimwear for a beach holiday or new office clothing.

When clicking on the type of item you’re after, such as a skirt or jeans, it will automatically come up with different size options.

Fashion fans are racing to Primark for ‘gorgeous’ new £16 skirt that’s ‘perfect’ for holidays and will hide your mum tum

Once finding your right one, the site will narrow it down and showcase the gorgeous picks you can order online.

Online shoppers can also expect to pay £1.95 for delivery – which can take several days.

The new partnership also shows you how many other bargain hunters are looking at the item now – which comes in handy in case you don’t want to miss out on the deals.

Timeline of cyber attack

Saturday, April 19: Initial reports emerge on social media of problems with contactless payments and click-and-collect services at M&S stores across the UK. Customers experience difficulties collecting online purchases and returning items due to system issues.
Monday, April 21: Problems with contactless payments and click-and-collect persist. M&S officially acknowledges the “cyber incident” in a statement to the London Stock Exchange. CEO Stuart Machin apologises for the disruption and confirms “minor, temporary changes” to store operations. M&S notifies the National Cyber Security Centre (NCSC) and the Information Commissioner’s Office (ICO) and engages external cybersecurity experts.
Tuesday, April 22: Disruptions continue. M&S takes further systems offline as part of “proactive management”.
Wednesday, April 23: Despite earlier claims of customer-facing systems returning to normal, M&S continues to adjust operations to maintain security. Contactless payments are initially restored, but other services, including click-and-collect, remain affected.
Thursday, April 24: Contactless payments and click-and-collect services are still unavailable. Reports surface suggesting the attackers possibly gained access to data in February.
Friday, April 25: M&S suspends all online and app orders in the UK and Ireland for clothing and food, although customers can still browse products. This decision leads to a 5% drop in M&S’s share price.
Monday, April 28: M&S is still unable to process online orders. Around 200 agency workers at the main distribution centre are told to stay home.
Tuesday, April 29: Information suggests that the hacker group Scattered Spider is likely behind the attack. Shoppers spot empty shelves in selected stores.
Tuesday, May 13: M&S revealed that some customer information has been stolen.
Wednesday, May 21: The retailer said disruption from the attack is expected to continue through to July.

Several of the stunning pieces are now also on sale, with dresses slashed to as little as £15.

There are also heaps of summery swimwear to choose from – and they’re all under £30.

Meanwhile, M&S isn’t the only store facing cyber trouble.

What is a cyber attack?

A CYBER attack is any deliberate attempt to disrupt, damage, or gain unauthorised access to computer systems, networks, or digital devices.

These attacks can target individuals, businesses, or even governments, and their motives can range from financial gain to political disruption.

Cyber attacks can take many forms, employing various techniques to achieve their malicious goals.

Common types of cyber attacks include:

Malware: Malicious software designed to damage or gain control of a system. Examples include viruses, worms, ransomware, and spyware.
Phishing: Deceptive attempts to trick individuals into revealing sensitive information such as usernames, passwords, or credit card details, often through fake emails or websites.
Denial-of-Service (DoS) Attacks: Flooding a network or server with traffic to overwhelm its resources and make it unavailable to legitimate users.
SQL Injection: Exploiting vulnerabilities in website databases to gain unauthorised access to data.
Ransomware: Malware that encrypts a victim’s data and demands a ransom for its release.
Social Engineering: Manipulating individuals into performing actions or divulging confidential information.

Co-op was forced to shut down part of its IT system after facing a hacking attempt in April.

It confirmed that it had “taken proactive steps to keep our systems safe”.

It was later revealed that the personal data of a “significant number” of its 6.2million customers and former members had been stolen.

The details included names, contact information, and dates of birth.

However, the retailer assured customers that passwords, credit card details, and transaction information were not compromised.

Full services resumed on May 14, following the reactivation of its online ordering system.

Luxury retailer, Harrods, was also another victim of last month’s hacking saga.

They had warned shoppers about “restricted internet access” due to the attempted breach, which caused difficulties for some customers trying to make payments.

Source link