From Clicks to Quills: How M&S's Cyber Attack Forced a Return to Basics

Marks & Spencer (M&S) finds itself in crisis mode following a significant cyber attack that has disrupted its operations. One of M&S’s key suppliers, Greencore, which specializes in providing sandwiches, rolls, and wraps, has been forced to resort to manual ordering methods, using pen and paper as digital systems remain compromised.

Dalton Philips, Greencore’s CEO, reported that the disruption has led them to increase food deliveries by 20% in anticipation of the busy bank holiday weekend, highlighting that their delivery approach is reminiscent of 25 years ago due to the lack of communication between systems. With M&S struggling to process online orders for clothing and homewares for over a week, many stores are experiencing empty shelves, further complicating the situation.

Workers at M&S have expressed their frustrations over pay issues, as they are unable to clock in or access necessary applications. Employees described the situation as a “nightmare”, with concerns about whether pay would be processed accurately. One store worker mentioned that instructions change frequently, indicating a chaotic response to the crisis. M&S has reassured employees that they will receive pay for contracted hours, yet uncertainty remains.

Philips emphasizes the hard work and focus of the M&S team under immense pressure, saying they are working round the clock to resolve the issues. In an effort to alleviate problems, Greencore has even sent staff to assist at key M&S locations, demonstrating the collaborative effort necessary during such challenging times.

Despite the operational hurdles, some industry experts believe M&S will adapt, leveraging historical data to maintain access to its top-selling products as they work through the crisis. However, the longer the disruptions last, the higher the risk of damaging M&S’s reputation and customer loyalty.

While M&S has managed customer communication well, the lack of transparency regarding the cyber attack and its specifics raises concerns among stakeholders like Liam Byrne, chair of the Business and Trade Select Committee, who seeks more details from M&S’s leadership. Industry veterans advise that companies should be prepared to communicate thoroughly once they have all the facts about the situation. Ongoing operational challenges, including reliance on manual methods such as fax machines, highlight the significant impact of this cyber threat on a major retail player.