Marks & Spencer (M&S) on April 25, 2025. The UK retail chain got hit by a big cyberattack from a hacker group called Scattered Spider. It’s kind of a big deal because this group is known for pulling off some really advanced hacks on big companies. This attack messed up M&S’s services and has a lot of people worried about what happened to their personal info.
What Went Down?
M&S confirmed that the hackers got into their system and accessed some customer data. We’re talking about names, addresses, and order histories—stuff that’s personal but not super sensitive. The good news is they say things like credit card details and passwords didn’t get stolen, which is a relief. Still, because of the hack, M&S had to shut down their online ordering for a while. So if you tried to shop online or pick up orders in-store, you probably ran into delays or problems. It caused a lot of frustration for customers who rely on these services every day.
Who Are These Hackers?
Scattered Spider is not some random group. They’re pretty skilled and have a history of hacking big companies, like casinos and entertainment firms. They’re experts at finding weak spots in big networks, which shows even huge companies like M&S can be vulnerable. It’s a reminder that cybercrime is getting more serious and harder to stop.
How Is M&S Holding Up?
This attack has put M&S in a tricky position. First, their online systems are down, which means lost sales and annoyed customers. Their reputation takes a hit too—people don’t like hearing that their info might be at risk, even if it’s not super sensitive data. And then there’s the financial side: experts say M&S could be losing millions every week because of all this disruption. It’s definitely a big blow to a company that usually prides itself on reliability and trust.
What’s M&S Doing About It?
Right after the attack, M&S jumped into action. They brought in top cybersecurity experts to figure out what happened and stop more damage. They’re also working closely with UK authorities and telling affected customers what to do. One thing they’re asking everyone to do is change their passwords, just to be safe. Long term, M&S says they’re going to upgrade their cybersecurity to try to avoid something like this again. It’s clear this incident shook them up and showed how important it is to stay ahead of these threats.
What This Means for You
If you shop at M&S or use their services, here’s what you should do:
-
Change your M&S password and make sure it’s different from passwords you use elsewhere.
-
Keep an eye on your bank and credit card statements for anything weird—even though they say payment info wasn’t stolen, it’s better to be safe.
-
Follow updates from M&S so you know if they have any new info or advice.
This whole thing is kind of a warning for all of us — cyberattacks are real and can happen to big companies we trust.
Looking Ahead
M&S is working hard to fix everything and win back customer trust. They want to get their systems up and running smoothly again and are promising stronger protections in the future. Hopefully, with these changes, something like this won’t happen again. But honestly, it makes you think about how careful we all have to be with our online info nowadays.