Marks & Spencer Cybersecurity Breach Lessons

In April 2025, Marks & Spencer (M&S), a prominent British retailer, experienced a significant cyberattack that disrupted its operations. The incident affected contactless payments and click-and-collect services, and led to the suspension of online orders in the UK and Ireland. While M&S assured customers that their data remained secure, the breach highlighted vulnerabilities in retail cybersecurity infrastructures.

Incident overview

The Marks & Spencer cybersecurity breach commenced over the Easter weekend, causing widespread service disruptions. M&S had to temporarily shut down its website and app, and some operations were moved offline to mitigate the effects. The company engaged the National Cyber Security Centre (NCSC) and the National Crime Agency (NCA) to investigate the breach, suspecting potential foreign involvement.

Preventative measures and best practices

While M&S acted swiftly to address the breach, the incident underscores the importance of proactive cybersecurity measures. IT services companies can glean the following lessons:

  1. Regular security audits: Conduct comprehensive assessments to identify and rectify vulnerabilities in systems and networks.
  2. Employee training: Implement ongoing cybersecurity awareness programs to educate staff about potential threats and safe practices.
  3. Multi-factor authentication (MFA): Enforce MFA across all access points to add an extra layer of security against unauthorised access.
  4. Incident response planning: Develop and regularly update a robust incident response plan to ensure swift action in the event of a breach.
  5. Third-party risk management: Vet and monitor third-party vendors to ensure they adhere to stringent cybersecurity standards.
  6. Data encryption: Ensure sensitive data is encrypted both at rest and in transit to protect against data breaches.

A press statement released by Marks & Spencer reads:

"We have made the proactive decision to move some of our processes offline to protect our colleagues, partners, suppliers and our business. We are incredibly grateful for the understanding and support that our customers, colleagues, partners and suppliers have shown. We are working hard to restore our services and minimise disruption and are being supported by industry-leading experts. We will continue to update as appropriate as we work to resolve these issues."
Statement released by Marks & Spencer 23/04/2025

The Marks & Spencer cybersecurity breach serves as a stark reminder of the evolving threats facing the retail sector. By adopting comprehensive cybersecurity strategies and fostering a culture of vigilance, businesses can better protect themselves and their customers from potential violations.

Don’t wait for an incident to expose your vulnerabilities. Our expert IT services team specialises in proactive cybersecurity strategies, tailored to your business needs. Get in touch today and start a conversation to secure your business.

Getronics Editorial Team
