Cyber attack causes further chaos for M&S shoppers

M&S shoppers are facing further vexation astatine the checkout arsenic the institution struggles to retrieve from a cyber attack.

Customers began reporting problems connected the weekend, with the retailer confirming connected Tuesday it was dealing with a "cyber incident."

It told the BBC connected Wednesday that customer-facing systems were backmost to normal.

However, it has since confirmed it has been forced to instrumentality immoderate systems offline arsenic portion of its "proactive absorption of the incident."

It said it had stopped processing contactless payments, had paused the postulation of click and cod orders successful stores, and warned of delays to online bid deliveries.

Contactless payments person since been restored, the BBC has been told, nevertheless this has been questioned by immoderate customers.

BBC unit person described witnessing the interaction of the suspension of contactless payments.

At Euston station, successful London, store unit were seen shouting that it was currency lone arsenic the payments strategy was down. Disruption was besides seen successful Glasgow, and a store astatine Edinburgh Haymarket seemingly closed early.

M&S says it had made the "decision to determination immoderate of our processes offline to support our colleagues, partners, suppliers and our business".

But stores stay unfastened and customers could "continue to store connected our website and our app", the connection added.

But disorder has reigned connected societal media amongst M&S customers.

The steadfast has responded to immoderate posts connected X (formerly Twitter) successful the past fewer hours advising customers contactless payments tin beryllium taken successful stores

However, this has been contradicted by immoderate individuals, with 1 saying: "That is incorrect - lone spot and pin oregon currency is working".

M&S besides told click & collect customers not to question to a store "until they person received their 'Ready To Collect' email".

Some customers besides questioned that, with one idiosyncratic saying aft receiving their email, "store unit said they are incapable to retrieve the item"

The institution has declined to supply item connected the quality of the attack, but moving systems offline is often a effect to ransomware attacks.

On Tuesday the steadfast said successful a announcement to investors that it had engaged "external cyber information experts to assistance with investigating and managing the incident.

"We are taking actions to further support our web and guarantee we tin proceed to support lawsuit service," it added.

The institution said it besides reported the incidental to the National Cyber Security Centre which told the BBC it was "working with Marks and Spencer to enactment their effect to a cyber incident".

The National Crime Agency told the BBC its officers were "working alongside partners successful the NCSC to amended recognize the incidental and enactment the company".