M&S Hit by £300M Cyberattack; Shares Plummet
Marks and Spencer (M&S) is grappling with a significant cyberattack that occurred in April 2025. The company's shares have plummeted, and it anticipates a substantial financial hit due to the incident.
The attack, carried out by a group known as 'DragonForce', impersonated a third-party user to gain access to M&S's systems on April 17. The intrusion was detected two days later, but not before causing significant disruption to the retailer's operations. M&S's cyber team has been working tirelessly to resolve the issue, with the company expecting it to be fully resolved by the end of May.
The hackers, who also targeted other businesses like the Co-op Group supermarket and Harrods, encrypted M&S's servers, leading to an estimated £300 million ($408 million) blow to the company's operating profit. M&S's shares have dropped by over 15% since the attack was first announced. The company is working with law enforcement agencies, including the National Crime Agency and the FBI, to investigate the attack.
M&S expects to recover a substantial amount from its insurance claim, with the process taking up to 18 months. Despite the setback, the company remains committed to strengthening its cybersecurity measures to prevent future incidents.
Read also:
- Web3 gaming platform, Pixelverse, debuts on Base and Farcaster networks
- Cannabis-Focused CTV Channel Citizen Green Launches for Global Streamers
- Goodyear in 2025: Advancement in Total Mobility through the Launch of Kmax Gen-3 by Goodyear
- Boston Metal pioneers route to commercial production for eco-friendly steel method
