M&S left with empty shelves after cyberattack

In a message on its website, M&S said the pause on orders was “part of our proactive management of a cyber incident”

Marks & Spencer shoppers face empty shelves as the retailer grapples with the fallout from a crippling cyber attack that has lasted more than a week.
A spokesman for M&S said the decision to take some of its systems temporarily offline had resulted in “pockets of limited availability in some stores”, adding: “We are working hard to get availability back to normal across the estate.”

Empty shelves are the latest sign that the retailer is struggling to contain the fallout from the crippling cyber attack. On Monday, M&S customers were left unable to make online orders for a fourth day.
In a message on its website, M&S said the pause on orders was “part of our proactive management of a cyber incident”. The company has so far given no indication as to when the disruption will end. The problems began with the halting of click-and-collect orders and the failing of M&S’s contactless payment systems over the Easter weekend.
Shoppers have been left increasingly frustrated. One writing on social media claimed they had driven an hour to an M&S store in Aberdeen, only to find many groceries missing. They said: “M&S needs to keep customers better informed.”

The group has said it will refund orders placed by customers on Friday. Customers who want to collect orders placed online have been advised to wait until they receive an email to collect their purchases, although this could take longer than usual.
Staff claimed the stocking issues were down to disrupted store deliveries following the cyber attack, with some workers saying that they received much fewer pallets than normal, while others said their stores were being overloaded with stock.
On Monday, M&S told agency workers at one of its major distribution centres in the East Midlands not to come to work as the fallout from the incident escalates.
At the Castle Donington warehouse, which handles M&S clothing and homeware, about a fifth of workers are agency staff. Shares in the company slumped by as much as 3pc on Monday in response to the ongoing disruption.
More than £500m has now been wiped off the value of M&S over the past week, with the stock price down by more than 6pc. Nicholas Found, from Retail Economics, said: “While the true cost will only be clear once the dust settles, it’s likely to be costing Marks & Spencer seven figures per day, as digital channels have been offline for a prolonged period. With a spell of good weather forecast this week, shoppers will be encouraged to buy summer outfits, but are unlikely to wait around.”
In these attacks, criminals infiltrate an IT system, freeze it and demand payment from companies before allowing them to gain control again.
While M&S has not commented on the gang behind the attack, cyber criminal groups are often given a safe haven in Russia, while others have operated out of Eastern Europe, Iran and China. Oxford University’s Cybercrime Index ranked Russia as the number one source of criminal ransomware attacks, followed by Ukraine and China.
Targeting its online business will be extremely costly for M&S. More than 3m orders are placed online at M&S every month, of which about 2.2m are click-and-collect orders. It suggests that as many as 450,000 click-and-collect orders will be have been affected over the past week.
The company has set out a target to make half of its clothing sales online. In its last financial year, it sold £1.3bn worth of clothing and homeware online, accounting for around a third of the total sales in the departments.
The decision to stop customers placing orders is the latest in a series of steps taken by M&S as it scrambles to respond to the cyber attack. The company last week switched off some IT systems that allowed its staff who work from home.