M&S boss reveals exact cause of cyber attack and says chain was ‘unlucky’

By Staff

M&S boss Stuart Machin has, for the first time, given details about a ransom attempt by a gang of online hackers

M&S boss Stuart Machin has spoken for the first time about the full impact of the cyber attack on the firm (Image: Handout)

The boss of Marks & Spencer has revealed “human error” triggered a devastating cyber attack which has crippled the chain’s online sales.

Stuart Machin has, for the first time, given details about a ransom attempt by a gang of online hackers, as he added: “To be honest, it has been the most challenging situation we have encountered.”

Mr Machin described how he received a call from a member of his team over the Easter bank holiday weekend about some “suspicious activity”. He insisted hackers failed to break into its own beefed-up computer systems. “Unable to get into our systems by breaking through our digital defences, the attackers did try another route, resorting to that term social engineering by entering through a third party.”

M&S boss Stuart Machin says he has been in touch with other firms that have also been targeted by ransomware attackers (Image: No credit)

He claimed the time between the hackers gaining access to its systems and being detected was short, “and certainly shorter than the average, which experts have told us is 10 days and in some cases many months.” Having called in outside experts, M&S decided to pull the plug on all online orders while it scanned its systems, a process involving more than 600 software applications and thousands of IT servers.

Mr Machin said it was in the process of bringing its IT network back online “in a controlled way”. He added: “We are only four and a half weeks in although, if I’m honest, it feels like four and a half months.”

M&S says cyber attack could wipe £300m off profits – but hopes to recover much of that through insurance and other measures (Image: PA)

While M&S has said online sales could be disrupted until July, Mr Machin added that it was gearing up to begin restarting orders “within a matter of weeks”.

The cyber attack – and especially the time it has taken M&S to recover – has raised serious questions about the retailer’s defences. Mr Machin insisted it had ramped up spending on cyber security, before adding: “We have to be vigilant – lucky – every day, the threat actors only have to be lucky once. We didn’t leave the door open – it wasn’t anything to do with under investment – everyone is vulnerable. For us, we were unlucky in this particular case through human error.”

He said bosses of other businesses had been in contact, detailing what happened when they were targeted by ransomware hackers. “They have told me how challenging the situation will be, to watch out for buy-out – whether that be myself or my team – and that it will take longer than you would ever predict.”

It came as M&S revealed the scale of the impact which, it warned, could wipe around £300million off profits this year. However, bosses hope to recover a big chunk of that through insurance and cost cutting.

Prior to the incident, M&S had been recovering after years of failed turnarounds. Results also showed annual profits – before the attack emerged – jumped by more than a fifth to £875.5million.
