M&S Profits Drop After Cyberattack

a { color: #880000 !important; background: #ffeeee !important; } Latest News from NourishThe Nourish Mission (formerly OneSub)Get answers to today's big questionsM&S Profits Drop After Cyberattackmarkets > businessMarks & Spencer's profits halved in the first half of 2025 due to a cyberattack that disrupted online sales and logistics. The attack, caused by human error, led to significant sales losses and data breaches, but the company expects full recovery by year-end.

What's happened

Marks & Spencer's profits halved in the first half of 2025 due to a cyberattack that disrupted online sales and logistics. The attack, caused by human error, led to significant sales losses and data breaches, but the company expects full recovery by year-end.

What's behind the headline?

The cyberattack on M&S highlights the increasing vulnerability of retail giants to cyber threats, especially as they rely heavily on online platforms. The incident underscores the importance of cybersecurity resilience, particularly in logistics and customer data protection. While M&S has managed to recover some losses through insurance and cost-cutting, the attack has exposed weaknesses that could influence consumer trust and competitive positioning. The slower recovery in fashion and homeware sales compared to food suggests that brand loyalty and online shopping habits are shifting, potentially benefiting rivals like Next. The incident also illustrates how human error remains a critical vulnerability, despite advances in cybersecurity technology. Moving forward, M&S will need to bolster its defenses and restore customer confidence to regain its market share and ensure long-term stability.

What the papers say

The Independent, AP News, The Guardian, Sky News, Reuters all report on the cyberattack's financial impact, recovery efforts, and broader implications. The Guardian emphasizes the damage to M&S's clothing and homeware sales, noting the slower recovery compared to food. Reuters provides detailed financial figures, including insurance recoveries and adjusted profits. Sky News highlights the incident's scope, including the immediate costs and ongoing effects. The Independent offers insights into the strategic responses and future outlook, emphasizing the importance of cybersecurity in retail resilience. Contrasting opinions focus on the severity of the attack's impact versus the company's recovery trajectory, with some analysts warning of long-term implications, while others remain optimistic about the brand's resilience.

How we got here

In early 2025, M&S experienced a major cyberattack around Easter, which forced the retailer to halt online clothing and homeware orders for over six weeks. The attack impacted logistics, caused empty shelves, and resulted in data theft, including personal customer information. The incident was attributed to human error, and the company initially estimated a £300 million impact, which has since been revised downward with insurance recoveries. The attack occurred amid a challenging retail environment with rising costs and stiff competition.