M&S Tells Distribution Centre Staff To Stay At Home

Marks & Spencer on Monday told agency staff at its central England distribution centre near Derby to stay at home, as it continues to struggle with a cyberattack.

The company said it had no update on the incident after it said on Friday it would stop taking online and app orders.

Shares in the company were down about 2 percent on Monday and have fallen around 8 percent since it disclosed the incident last Tuesday.

Ransomware speculation

About 200 agency staff were told not to come to the distribution centre at Castle Donington, Sky News reported.

Agency staff are used when the facility is at peak operation.

Marks & Spencer said ceasing online and app orders was part of its “proactive management” of the situation.

The company makes about one-third of its clothing and home sales online, with many popular products found on the app and not in stores.

Industry watchers said the attack came at a bad time for the company as a warm spell had seen elevated demand for summer clothing.

M&S said it was working with experts to resolve the issue.

It has not indicated the type of attack involved, but security experts speculated it was a ransomware incident.

Earlier last week the chain said it would continue operating its stores but would stop processing contactless payments and pause the collection of Click & Collect orders in stores.

M&S has maintained that customer data has not been compromised, but added that “if the situation changes we will let them know”.

Customer data

William Wright, chief executive of Closed Door Security, said customers should keep an eye on their online accounts and bank statements and also be on guard for phishing attempts.

“We don’t know if criminals have accessed any customer data, but it’s always safer to be on guard,” he said.

“Attackers will also use the incident to send out phishing emails, which are designed to look like genuine communications in relation to the incident but are actually aimed at tricking recipients into handing out their personal or financial information.

“It is essential that online users take note of this threat and treat all communications with caution.”

Wright said the fact that online and app orders had been shut down showed that the incident was having a “material” financial impact on M&S.

“No matter how long this pause is put in place, it will hurt M&S financially,” he said.