M&S confirms major online shopping update after crippling cyber attack
M&S has revealed it's bringing back online shopping after weeks of chaos.
The posh supermarket was forced to suspend its online shopping after it was hit by a massive cyber attack.
In a statement today it said shoppers will be able to buy items online again "this week".
It didn't give an exact day but said a "selection of our best selling fashion ranges will be available for home delivery to England, Scotland and Wales".
"More of our fashion, beauty and home products will be added every day and we will resume home deliveries to Northern Ireland and Click and Collect in the coming weeks," it said.
The supermarket added: "Thank you sincerely for your support and for shopping with us."
The news comes as M&S has spent weeks grappling with the fallout of the cyber attack.
Up until now it has not been able to confirm when it would bring back online shopping.
The cyber attack kicked off over Easter weekend and has been one of the worst to hit the high street in years.
M&S was forced to suspend its online orders and it also had major issues with Click and Collect, gift vouchers and its supply chain.
Some stores were stripped of staples like bananas and Colin the Caterpillar cakes, while meal deals were pulled in some branches.
The attack has caused a £300million blow to profits and customer info was also nicked during the breach.
Security experts have blamed notorious cyber gang “Scattered Spider” for the chaos.
Timeline of the attack
- Saturday, April 19: Initial reports emerge on social media of problems with contactless payments and click-and-collect services at M&S stores across the UK. Customers experience difficulties collecting online purchases and returning items due to system issues.
- Monday, April 21: Problems with contactless payments and click-and-collect persist. M&S officially acknowledges the "cyber incident" in a statement to the London Stock Exchange. CEO Stuart Machin apologises for the disruption and confirms "minor, temporary changes" to store operations. M&S notifies the National Cyber Security Centre (NCSC) and the Information Commissioner's Office (ICO) and engages external cybersecurity experts.
- Tuesday, April 22: Disruptions continue. M&S takes further systems offline as part of "proactive management".
- Wednesday, April 23: Despite earlier claims of customer-facing systems returning to normal, M&S continues to adjust operations to maintain security. Contactless payments are initially restored, but other services, including click-and-collect, remain affected.
- Thursday, April 24: Contactless payments and click-and-collect services are still unavailable. Reports surface suggesting the attackers possibly gained access to data in February.
- Friday, April 25: M&S suspends all online and app orders in the UK and Ireland for clothing and food, although customers can still browse products. This decision leads to a 5% drop in M&S's share price.
- Monday, April 28: M&S is still unable to process online orders. Around 200 agency workers at the main distribution centre are told to stay home.
- Tuesday, April 29: Information suggests that the hacker group Scattered Spider is likely behind the attack. Shoppers spot empty shelves in selected stores.
- Tuesday, May 13: M&S revealed that some customer information has been stolen.
- Wednesday, May 21: The retailer said disruption from the attack is expected to continue through to July.
M&S recently issued an update for customers with gift vouchers following the attack.
Shoppers had been unable to use their vouchers in the wake of the attack but they appear to be working again now.
However the supermarket told customers they wouldn't get extensions of the expiry dates on vouchers due to expire.