
M&S Cyber Attack: What Happened to Deliveries and the Growing Threat to Retail Supply Chains
If you’ve recently experienced delays or cancellations with your Marks & Spencer orders, you’re not alone. The high-street giant has been grappling with significant service disruptions following a cyberattack. While M&S itself was not directly breached, the incident highlights a critical and growing vulnerability for businesses everywhere: the security of their supply chain partners.
The attack targeted a key third-party logistics provider responsible for managing M&S’s delivery network. This ripple effect has caused a cascade of issues, impacting everything from clothing deliveries to food orders. Here’s a breakdown of the situation and the crucial lessons it offers.
Which M&S Services Are Affected?
While M&S is working hard to restore normal operations, several key services have been impacted. It’s important for customers to know what is and isn’t currently available.
- Click & Collect: RESTORED – After a temporary shutdown, the popular Click & Collect service is now back online. Customers can once again place orders for pickup at their local stores.
- Next-Day Delivery: OFFLINE – One of the most significant impacts is the suspension of the next-day delivery service. The disruption to the logistics partner has made this rapid fulfillment impossible for the time being.
- Food Orders: OFFLINE – Customers looking to order food items for delivery will find the service is currently unavailable.
- Furniture & Large Items: OFFLINE – The delivery of furniture and other large products has also been halted as the company works to resolve the complex logistical challenges caused by the attack.
The Real Target: A Third-Party Logistics Partner
It is crucial to understand that M&S’s internal systems were not compromised in this incident. Instead, the cybercriminals focused their attack on a logistics company named Gist, which is a vital part of the M&S supply chain.
This is a classic example of a supply chain attack. Hackers are increasingly targeting third-party vendors (like logistics firms, software providers, and payment processors) because they can be softer targets. By compromising one of these partners, criminals can cause massive disruption to the larger, better-defended companies that rely on them.
For retailers like M&S, logistics are the backbone of the business. An attack on a delivery partner is effectively an attack on the retailer’s ability to get products to customers, and it can grind operations to a halt without ever touching the retailer’s own servers.
Why Supply Chains Are a Prime Target for Hackers
This incident is not an isolated one. Logistics and supply chain companies have become high-value targets for cybercriminals for several key reasons:
- Massive Ripple Effect: A single successful attack on a logistics hub can disrupt dozens of major companies simultaneously, maximizing the attackers’ leverage.
- Critical Infrastructure: These companies are the arteries of modern commerce. Any downtime creates immediate and immense pressure to pay a ransom or resolve the issue quickly.
- Perceived Weaker Security: While major brands invest heavily in cybersecurity, their third-party vendors may not have the same level of resources, making them a potential weak link in the security chain.
Actionable Security Lessons for Every Business
The M&S situation serves as a powerful reminder that your company’s security is only as strong as your partners’. Every business, regardless of size, should take this as a wake-up call to review its own supply chain security.
- Thoroughly Vet Your Vendors: Don’t just evaluate partners on price and service. Conduct in-depth security due diligence on any third-party vendor that will handle your data or critical operations. Ask for security certifications, audit reports, and details about their incident response plan.
- Establish Clear Security Protocols: Your contracts with vendors should include specific cybersecurity requirements and clauses. Define who is responsible for what in the event of a breach. This is not just about liability; it’s about ensuring a coordinated and effective response.
- Develop a Business Continuity Plan: What happens if your key logistics partner goes offline tomorrow? You must have a backup plan. This could involve pre-vetted alternative suppliers or internal contingency plans to mitigate the impact of an outage. Waiting for a disaster to happen is not a strategy.
Ultimately, the disruption at M&S underscores a fundamental shift in the cyber threat landscape. Protecting your own four walls is no longer enough. Businesses must adopt a mindset of shared responsibility and build a resilient ecosystem that can withstand attacks on any link in the chain.
Source: https://go.theregister.com/feed/www.theregister.com/2025/08/11/ms_restores_click_collect_following/