By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
RebruitRebruitRebruit
  • Latest
  • Finance
  • Technology
  • Security
  • Guides
Reading: M&S pauses all online orders after cyber attack
Font ResizerAa
RebruitRebruit
Font ResizerAa
Search
  • Latest
  • Finance
  • Technology
  • Security
  • Guides
Follow US
  • About
  • Our Standards
  • Contact
  • Privacy Policy
  • Cookie Policy
  • Terms of use
© 2025 REBRUIT | We don’t control content on external sites. Read more about how we handle external links

Home » M&S pauses all online orders after cyber attack

Security

M&S pauses all online orders after cyber attack

Company halts digital shopping and begins issuing refunds as recovery efforts intensify.

April 25, 2025
Share
4 Min Read
M&S Pause Online order
SHARE

Earlier today, Marks & Spencer (M&S) announced a major update. All online and app orders have been “temporarily paused.”

This meant customers could no longer place food delivery orders through the M&S website, buy clothing or homeware online, send gift orders or e-gift cards, or use subscription services. New Click & Collect orders were also paused.

M&S, a retailer founded in 1884, was suddenly operating like it was 1984—cash, clipboards, and chaos.

M&S began issuing refunds for purchases made from Friday, April 18, onwards, admitting that it could no longer guarantee delivery.

We are incredibly sorry for this inconvenience. Our team, supported by leading cyber experts, is working hard to bring services back online. We are grateful for your patience. — M&S

M&S’s communication strategy was struggling to keep pace with customer expectations. People wanted clarity, not just apologies.

This was more than a pause. It was a containment move—an attempt to stop further disruption by completely isolating the compromised infrastructure.

By pulling the plug on e-commerce, M&S essentially acknowledged that the damage wasn’t just cosmetic—it ran deep, possibly even into core systems like payment authentication, supply chain coordination, and customer accounts.

Internal sources suggest that around this time, data exfiltration tools were discovered—a hallmark of ransomware actors like Scattered Spider. Forensic teams intensified their sweeps, looking for indicators of compromise across everything from user profiles to virtual machines.

The decision to suspend all orders caused confusion, disappointment, and a flood of customer support requests.

Customers took to social media with questions like:

  • I’ve already paid—what happens now?
  • My Click & Collect parcel says it’s ready—can I still pick it up?
  • My gift card isn’t working in-store either—what’s going on?

M&S tried to manage expectations through individual social media replies. They told customers that items marked “ready to collect” could still be picked up in-store. All parcels would be held safely until further notice—nothing would be returned or thrown out.

Gift cards, Sparks credit, and digital receipts remained offline, with no estimated time for a fix. And the absence of a central FAQ or live status page left many customers frustrated and unsure of what to expect.

Some customers said they’d been told gift cards were “working again” by store staff, only to be turned away. Others reported calling customer service lines only to sit on hold for an hour or more.

It’s not the attack that bothers me—it’s the lack of consistent messaging,” one shopper wrote on X.
Don’t tell me it’s fixed if it’s not.

However, many customers publicly praised in-store staff for handling the chaos with professionalism, patience, and courtesy. Some even brought chocolates and cards to thank their local teams.

Stopping online orders set off a ripple effect across the business. Warehouse activity was scaled back, and some fulfilment staff were reportedly sent home.

With no new orders coming in, supply chain processes were put on hold. Teams had to switch to manual systems for tracking stock, managing orders, and handling returns, slowing everything down.

By the end of the day, M&S shares had fallen by about 5%, wiping over £300 million off the company’s value.

Share This Article
Facebook Whatsapp Whatsapp Bluesky Copy Link
Leave a Comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

Block
Square’s Bitcoin Payment Pilot: Bringing Crypto to Everyday Retail
Finance
METAMASK
MetaMask Embraces Solana: A New Era for Multi-Chain Wallets
Finance
Read Smarter, Not Harder
Read Smarter, Not Harder: These Apps Will Help You Read More Anywhere
Guides
Samsung-One-UI-8
15+ New Features Coming to One UI 8
Latest
samsung
Don Belle Boost Samsung Galaxy A-Series Buzz
Latest

You Might Also Like

ZKsync
Security

ZKsync Account Hack: What Happened and What It Means

May 25, 2025
M&S Cyber Attack
Security

How Hackers Broke Into M&S and Co-op: It Wasn’t a Glitch — It Was Human Error

May 6, 2025
Marks-and-Spencer-cyber-attack
Security

M&S cyberattack: Recruitment paused and supply issues reported

May 1, 2025
M&S Attack
Security

M&S confirms cyberattack after days of disruption

May 1, 2025
23andMe
Security

23andMe Bankruptcy Raises Serious DNA Privacy Concerns

April 21, 2025
Google Play
Security

New Google Play system update now force your phone to auto-reboot after three days

April 22, 2025
Global Cybersecurity Agencies Uncover Spyware Hidden in Android Apps
Security

Global Cybersecurity Agencies Uncover Spyware Hidden in Android Apps

April 24, 2025
UK Government Fails in Attempt to Shield Apple Surveillance Order from Public Eye
Security

UK Government Fails in Attempt to Shield Apple Surveillance Order from Public Eye

April 24, 2025
Follow US
© 2025 REBRUIT | We don’t control content on external sites. Read more about how we handle external links
  • About
  • Our Standards
  • Contact
  • Privacy Policy
  • Cookie Policy
  • Terms of use
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?