Injection Vulnerabilities: Attackers can inject malicious code, potentially gaining control over the system executing these functions. Additionally, insufficient validation of filenames during file uploads can enable attackers to upload and execute malicious files, leading to arbitrary code execution.

2025-04-23 07:40:16
Marks & Spencer Confirms Cybersecurity Incident After Days of Service Disruptions

UK retail giant Marks & Spencer has confirmed it is managing a cybersecurity incident, following several days of service disruption that affected store operations and customer experiences. The company disclosed the Marks & Spencer data breach incident in a filing to the London Stock Exchange on April 22, 2025, and reassured customers that while some operations were temporarily adjusted, its stores remain open and both its website and app are currently functional.

The Marks & Spencer data breach incident has raised concerns about cybersecurity preparedness in large retail chains. According to the official filing released at 14:14 BST on Monday, Marks & Spencer took quick action after detecting the breach. The company stated:

“As soon as we became aware of the incident, it was necessary to make some minor, temporary changes to our store operations to protect customers and the business, and we are sorry for any inconvenience experienced.”

Details of the Marks & Spencer Data Breach

While the full extent of the cyberattack on Marks & Spencer remains unclear, the retailer emphasized that it has engaged external cybersecurity experts to assist with the investigation and mitigation efforts. Additionally, the incident has been reported to the National Cyber Security Centre (NCSC) and relevant data protection authorities.

So far, Marks & Spencer has not confirmed whether customer data has been compromised, a key detail eagerly awaited by both the public and cybersecurity observers. The company has promised further updates should the situation evolve.

This data breach at Marks & Spencer has already impacted some in-store services, including its popular Click & Collect function. On the social media platform X (formerly Twitter), customers have expressed frustration with ongoing technical issues.

Social Media Users Share New Stories

[Image: Marks & Spencer on X (Source: X)]

One user, @JohnWH79, posted on April 19:

“Do companies even have business continuity plans anymore? Computers go down and even the basics seem impossible. ‘Sorry sir, finding parcels is what the computer does.’”

In response, Marks & Spencer’s official X account acknowledged the disruption and issued an apology:

“... is now back up and running. Please accept my sincere apologies that at the time you visited your local store, this issue directly affected you, as well as other customers.”

However, further comments from customers suggest the issues are not entirely resolved. As of April 22, Click & Collect services in some stores remain down, prompting more concern.

M&S replied to one such comment:

“We are working hard to resolve some technical issues in our stores, and we are not able to process click and collect orders in some stores at this time. Apologies for the inconvenience – Amelia.”

Customers also questioned the absence of basic contingency plans. One post asked why no manual system, like “paper and pen,” was in place during the downtime.

Conclusion

The Marks & Spencer cyberattack comes at a pivotal moment for the retailer, with its financial year having ended on March 29, 2025, and full-year results set for release on May 21. As analysts closely monitor the potential impact on customer confidence and company performance, Marks & Spencer has yet to issue further statements beyond official filings and social media responses.

While representatives such as Fraser Ramzan and the Corporate Press Office remain available for inquiries, no new information has emerged regarding the nature or scope of the data breach at Marks & Spencer. This is an ongoing story, and The Cyber Express will be closely monitoring the situation, and we’ll update this post once we have more information on the attack.

by The Cyber Express

PICKUP

Interactive world weather map. Track hurricanes, cyclones, storms. View LIVE satellite images, rain radar, forecast maps of wind, temperature for your location.

Leading source of security tools, hacking tools, cybersecurity and network security. Learn about new tools and updates in one place.

Courses to learn more about blue team skills. Check out our hands-on courses to gain and sharpen investigation/detection skills.

Discovering the latest attacks and providing defensive measures to keep organizations safe.

Rapid7's cybersecurity experts break down the latest vulnerabilities, exploits, and attacks. Detect threats faster with trusted news, insights & threat intel.

The Official Blog from Kaspersky covers information to help protect you against viruses, spyware, hackers, spam & other forms of malware.

Welcome to Pentesting Tactics – your go-to comprehensive reference guide for conducting thorough penetration testing, tailored for both newcomers and seasoned experts in the field. Our content is carefully curated to guide you directly to the crucial insights and strategies you need, spanning a wide range of pentesting areas. From diving deep into the intricacies of service and protocol pentesting to unraveling the complexities of web vulnerabilities, we provide comprehensive coverage.

RECENTLY ADDED

Free proxies that are just checked and updated every 10 minutes.

This is the kind of information that all the sites you visit, as well as their advertisers and any embedded widget, can see and collect about you.

Free proxy list. Http, ssl, socks proxy servers for free. Fresh public proxy servers lists to unblock your internet. Realtime updated live proxies. List of IP proxy gratis.

Connect to 6000+ active VPN servers with L2TP/IPsec, OpenVPN, MS-SSTP or SSL-VPN protocol. Academic project by University of Tsukuba, free of charge.

Explore all of our latest reports to access comprehensive analyses, data-driven insights, and detailed findings. Stay informed with our up-to-date research and understand key trends and developments in predictive security.

Discover the latest data breaches on the leading data breach website. See a constantly updated list of recent data breaches and see which companies had a data breach or leak in 2025.

Collection of Cyber Threat Intelligence sources from the Deep and Dark Web.

Discover with a good dose of nostalgia, the Malware Museum and explore the history of notorious malware from the past.

Nitter is a free and open source alternative Twitter front-end focused on privacy and performance.

Sharing of information about threats, vulnerabilities, tools and trends across the security industry.

Discover The Best Telegram Channels. More than 11,300 Channels, Groups, Bots, and Stickers in English.

DNS Checker provides a free DNS propagation check service to check Domain Name System records against a selected list of DNS servers in multiple regions worldwide.

An online tool that allows users to efficiently factorize large integers into their prime factors, providing valuable insights for mathematical research and cryptography.

News and Insights from the Invariant team.