Do Son 
Marks & Spencer (M&S), one of the United Kingdom’s largest retail giants, has announced an anticipated decline in operating profit by £300 million (approximately $402 million) for the 2025/2026 fiscal year. The downturn stems from a recent cyberattack that severely disrupted the company’s online services, logistics operations, and supply chains.
According to filings submitted to the London Stock Exchange, M&S has already incurred substantial costs: failures in its digital infrastructure necessitated manual order processing, increased product losses, and led to a surge in logistical expenditures. The company expects disruptions to its online commerce to persist until at least July.
The impact has been especially pronounced in the Food division, where product availability dwindled, and the rerouting of supplies around automated systems resulted in additional financial strain.
Even more acutely affected were the Fashion, Home & Beauty sectors, where M&S was compelled to temporarily suspend all online sales. While physical stores remain operational, the retailer anticipates that restoring its e-commerce capabilities will require no less than two months, bringing with it further increases in warehousing and inventory management costs.
Preliminary estimates suggest that losses, excluding any mitigating measures, could reach £300 million. The company hopes to partially offset this impact through cost optimization, insurance recoveries, and a gradual resurgence in retail activity.
Thus, the repercussions of the cyber incident extend well beyond the realm of IT, evolving into a full-fledged business crisis. The company’s deep reliance on digital infrastructure—combined with the scale and rapid execution of the attack—calls into question the resilience of traditional retail models in an era of escalating cyber threats.
Marks & Spencer has been officially recognized as a victim of the cyberattack, with details of the incident still under investigation.
Donate