M&S Restores Click-and-Collect After 4-Month Cyber Attack Recovery

Marks & Spencer (M&S), the British retail giant, has successfully restored its popular click-and-collect service following a four-month recovery period after a significant cyber attack disrupted operations earlier this year. The incident serves as a stark reminder of the operational vulnerabilities that accompany digital transformation in the retail sector.

The attack, which occurred in early 2024, forced M&S to temporarily suspend its click-and-collect service - a critical component of its omnichannel retail strategy that allows customers to order online and pick up in-store. While the company has not disclosed specific technical details about the breach, cybersecurity analysts speculate it may have involved compromised third-party vendor access or credential stuffing attacks targeting employee accounts.

'This restoration timeline suggests the attack had cascading effects across multiple systems,' noted retail cybersecurity expert Dr. Emily Tranter. 'Four months indicates either sophisticated malware requiring complete system rebuilds or extensive supply chain compromises affecting multiple vendors.'

The recovery process reportedly involved comprehensive system audits, enhanced encryption protocols, and staff retraining on cybersecurity best practices. M&S has implemented additional authentication measures for vendor access and introduced more rigorous monitoring of its digital infrastructure.

This incident highlights three critical lessons for the retail sector:

With retail cyber attacks increasing by 38% year-over-year according to recent industry reports, the M&S case demonstrates how operational resilience must now be a core component of retail cybersecurity strategies. The company's decision to maintain transparency about the service disruption while protecting sensitive security details provides a balanced approach to post-breach communications that other retailers may emulate.