- Have YOU had problems using M&S online? Email Sam.Lawley@mailonline.co.uk
Marks & Spencer has restored its popular click-and-collect service for the first time in months following a crippling cyber attack.
The retail firm – which runs 565 stores across the UK – has faced heavy disruption after being targeted by hackers in April.
M&S halted orders on its website over the Easter weekend and was also left with empty shelves in the wake of the attack.
Customers had to wait until June to use the store’s website again as it opened itself back up to online shoppers in the hunt for the latest fashion ranges.
But it’s taken even longer to reinstate M&S’ click-and-collect service, which allows users to order items on the website and pick them up in-store the following day.
The system relies on integrating the retailer’s online ordering platforms, payments systems, inventory management as well as in-store logistics.
It is likely that April’s cyber attack had an effect on these systems’ operations and M&S wanted to make sure they were all running smoothly and securely again before reopening the service.
The ransomware attack is thought to have been conducted by hacking collective DragonForce and ended up with the theft of many customers’ details – which could have included names, email addresses, postal addresses and dates of birth.
Marks & Spencer has restored its popular click-and-collect service for the first time in months following a crippling cyber attack (Stock Photo)
Empty food shelves at a Marks & Spencer in Cambridge on April 29 after the attack
It also resulted in empty shelves after the firm dismantled its inventory management systems to mitigate against further damage by hackers.
While its stores have been able to remain open and trade throughout, contactless payments were impacted initially – while there was also some stock availability issues as it had to temporarily switch to manual processes following the attack.
M&S revealed in May that the hack was caused by ‘human error’, and would cost it around £300million.
Chief executive Stuart Machin said upon reporting annual figures that hackers gained access to the company’s IT systems through a third party.
He said: ‘We didn’t leave the door open, this wasn’t anything to do with under-investment. Everyone is vulnerable. For us, we were unlucky on this particular day through some human error.’
Four people have been arrested in connection with the attacks, as well as separate ones on the Co-op and Harrods.
Two British men aged 17 and 19 were detained in the West Midlands and London alongside a 19-year-old Latvian an a 20-year-old British woman from Staffordshire.
They are accused of a variety of offences under the Computer Misuse Act, including blackmail, money laundering and involvement in organised crime.
Shelves were empty inside a Marks & Spencer store in Paddington, London on April 29
M&S chief executive Stuart Machin, pictured, revealed hackers accessed personal customer data
Chairman Archie Norman, pictured in 2018, said the significant impact of the hack is likely to ‘endure for some weeks, or even months’
All four were arrested at home and had their electronic devices seized for digital forensic analysis.
They have been questioned by specialist National Crime Agency (NCA) officers in relation to the three attacks.
M&S said the incident is likely to drag its group operating profits down by around £300million this year, but it expects this to be reduced through cost management, insurance and other reactions.
The company suggested it could reduce the impact of the attack by as much as ‘half’.
Also in June, M&S chairman Archie Norman said the significant impact of the hack is likely to ‘endure for some weeks, or even months’.
He went on to add that he hoped the company would be able to claw back some of the heavy losses from insurance payouts.
Speaking in front of a business and trade sub-committee meeting in July, the top exec put DragonForce’s motives down to ‘partly, undoubtedly, ransom or extortion’.
He described April’s ordeal as ‘an out of body experience’.
Meanwhile the annual report revealed Mr Machin saw his pay package soar by 39 per cent to £7.1million for the year to March after a sharp rise in performance-linked bonuses.
