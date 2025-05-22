Marks and Spencer’s website was taken down while the retailer recovers from a cyber attack.

Earlier today the homepage was black and white with the message: “Sorry you can’t browse the site currently. We’re making some updates and will be back soon.”

No other pages could be accessed, but it is now back up and running - but as in recent weeks, orders cannot be placed and it is operating more like a catalogue or showcase.

M&S paused orders on its website and saw empty shelves after being targeted by hackers around the Easter weekend, and customers’ personal data, which could have included names, email addresses, postal addresses and dates of birth, was also taken in the attack.

The retail giant said on Wednesday that “human error” had caused the attack, which is set to cost the firm around £300 million, and chief executive Stuart Machin confirmed disruption could last until July.

It came as the company reported a higher-than-expected adjusted pre-tax profit of £875.5 million for the year to March, up 22.2% on the previous year.

Robert Cottrill, technology director at digital firm ANS, said it was “vital” M&S took its time to get system recovery right, in order to ensure security and prevent future incidents.

“M&S appears to be taking the appropriate and necessary steps following the cyber attack, with a likely focus on restoring core systems and recovering critical data,” he told the PA news agency.

“The extended disruption may well be a result of attackers having targeted key infrastructure, which takes time to fully assess, secure and restore.

“Given the scale and complexity of M&S’s globally connected operations, the recovery process is understandably meticulous, with multiple interconnected systems requiring scrutiny.

“It’s essential that M&S prioritises a secure and complete recovery over a rapid one. Rushing to bring systems back online without full assurance of their integrity could risk further compromise. Ensuring robust security at every layer before resumption is not just sensible – it’s vital.

“The major disruption and sales loss M&S has seen following the incident serve as a powerful reminder to all organisations: cybersecurity must be treated as a board-level issue. No business is immune to cyber threats, and those with complex digital ecosystems are particularly vulnerable.

“Effective incident response plans, regular testing and collaboration with cybersecurity experts are critical to minimising disruption.

“But more than that, a proactive approach that includes threat detection, security-by-design principles, and employee awareness is the best defence against increasingly sophisticated attacks.”