M&S Cyber Attack 2025: What Happened, and What UK Businesses Can Learn

Breaking: M&S Pauses Online Orders After Cyber Attack

Marks & Spencer (M&S) has been hit by a cyber attack, leading the retailer to suspend all online orders via its website and app. Announced on 25 April 2025, M&S described the move as a “proactive management” step while it investigates the incident with leading cybersecurity experts.

technical support cyber attacks

Although browsing remains available, new purchases cannot currently be made online. Physical stores are open as normal, and M&S has reassured customers there is no evidence of personal data being compromised. Customers do not need to take any action at this stage.

New developments reveal that the attack has had a wider operational impact. Around 200 agency workers at M&S’s Castle Donington distribution centre have been informed they are not currently required for shifts, due to the disruption. With online clothing and homeware sales estimated at nearly £3.8 million a day, the shutdown is expected to have a significant short-term impact on revenue.

This incident follows a rise in cyber attacks across the UK retail sector, highlighting important lessons for businesses of all sizes.

What M&S Cyber Attack Means for Customers

  • No action needed: Existing orders are being fulfilled. Customers should simply stay alert to phishing scams pretending to be from M&S.
  • Physical shopping unaffected: Stores are operating normally, with contactless payments restored.
  • Ongoing updates: M&S promises to update customers if the situation changes.

In short: customers can stay calm but should be cautious about suspicious emails or texts.

Lessons for UK Businesses

Whether you’re a 10-person office or a 200-user company, this attack shows how vital cyber resilience has become. For businesses serious about strengthening their cyber defences, achieving Cyber Essentials certification or investing in proactive Cyber Security solutions can make a major difference.

For Smaller Businesses (10–50 users)

  • Update and Protect Devices: Keep all systems patched and protected with antivirus software.
  • Enable Two-Factor Authentication: Particularly on email, banking, and admin accounts.
  • Train Staff on Phishing: A simple training session could stop the next big breach.
  • Back Up Data Regularly: Keep offline or secure cloud backups, and test them.
  • Have a Basic Incident Plan: Know who to call, how to isolate devices, and how to inform customers.

Having a reliable IT partner ready to step in can be critical, learn more about our Managed IT Support services designed for small businesses.

For Medium-Sized Businesses (50–300 users)

  • Strengthen Network Security: Use firewalls, segment networks, and monitor for unusual activity.
  • Control Access: Limit admin privileges and use multi-factor authentication widely.
  • Run Cyber Drills: Test your incident response plans and patch gaps before attackers do.
  • Enhance Backup Strategy: Automate daily backups and store copies securely off-network. A strong backup and recovery plan is vital, see how our Business Continuity and Backup services can keep your operations running even during a crisis.
  • Prepare a Crisis Comms Plan: Fast, clear updates to customers and build trust if something goes wrong.

No business — however big or small — can afford to overlook cyber security today.

M&S’s quick action to pause online orders — and the wider fallout now affecting warehouse operations - shows the importance of being prepared to act fast and manage disruption. Simple steps like strong passwords, staff awareness, regular backups, and a clear response plan can dramatically reduce risks.

The question isn’t if your business will face a cyber threat — it’s how ready you’ll be when it happens.

Protect Your Business From Cyber Attacks with UK IT Service

The M&S cyber attack in 2025 is a reminder that no business is immune to digital threats. Don't let a cyber attack cripple your profits or grind your business to a halt. At UK IT Service, we help businesses across London stay protected with proactive security solutions, expert support, and fast incident response.

Whether you need affordable protection for a small team or advanced monitoring for a larger operation, we’ll help you reduce downtime, prevent profit loss, and stay one step ahead of cyber threats.

Get in touch today to find out how we can safeguard your business - before a cyber attack strikes.

Facebook
Twitter
LinkedIn
Share
Pinterest
Follow by Email
mini logo

UK IT SERVICE Team

If you are looking for a partner to tackle the IT challenges of today’s world, we will be glad to help you out. Browse www.ukitservice.co.uk or send us a message today with your enquiries.
Contact Us for a Quote

Our Latest Posts

IT Support: In house vs Outsourcing and which is right choice for your business?

In house vs Outsourcing IT Support: Which is The Right Choice for Your Business? When companies find themselves needing to address a specific business need, one question they'll often have...

COVID-19: Remote Working for London Businesses - Tools you'll need to Work from Home [Part-2]

COVID-19: Remote Working for London Businesses - Tools you'll need to Work from Home [Part-2] With the number of COVID-19 (Coronavirus) confirmed cases on the rise in the UK, more...

COVID-19: Remote Working for London Businesses - A Guide to Work from Home [Part-1]

COVID-19: Remote Working for London Businesses - A Guide to Work from Home [Part-1] With the number of COVID-19 (Coronavirus) confirmed cases on the rise in the UK, more and...

map icon

Visit
7 Stean Street, London, E8 4ED

UK IT Service - IT Support London | 7 Stean Street, London, E8 4ED, United Kingdom | 020 3034 1059
Privacy Policy     GDPR      Terms and Conditions