Overview

• Marks & Spencer has confirmed a cybersecurity incident disrupting in-store contactless payments and online order pick-ups over recent days.
• The company has implemented temporary operational changes to safeguard customers and its systems, with some delays to click-and-collect services persisting.
• External cybersecurity experts have been engaged, and the incident has been reported to the National Cyber Security Centre and data protection authorities.
• M&S has reassured customers and staff that no action is required on their part, suggesting no evidence of compromised customer data at this time.
• CEO Stuart Machin issued an apology for the inconvenience caused, emphasizing the retailer's commitment to resolving the issue and maintaining trust.