As Marks & Spencer (M&S) and its clients - continue to roll up from major cyberattacks, others who have experienced similar experiences have been sharing the targets of the hackers.

"It's an absolute nightmare," said Sir Dan Moynihan, senior executive principal and CEO of the Harris Federation, which are 55 schools in London and Essex areas.

It was hacked in 2021 - Sir Dan told Show Today on BBC Radio 4 that the culprit was Russian ransomware criminal group Revil.

"Their purpose is to blackmail us in $4 million in cryptocurrency in ten days," he said.

“If we don’t pay within ten days, they want eight million.”

Hackers cause chaos. Sir Dan said the group lost the textbook, lesson plan and registration system.

More importantly, they also lost medical records, and even the fire and telephone systems were affected.

The financial situation of the school group has been hit. Staff and bills are unpaid.

M&S also targets ransomware - malware, which locks the owner outside of its computer or network and pieces together its data.

The criminal then requests a fee to unlock. Sir Dan said it was a request he resisted.

Instead, the school team approached a company with cyber experts who hired hostage negotiators. The man then plays the role of an inexperienced school Bursar (an administrator) who pretends not to know what is going on.

They negotiate with hackers with the goal of postponing them as long as possible so that school groups can rebuild their systems.

“The Russians stole data from us – they didn’t tell us anything – they threatened to put these things on the dark web and made us feel very embarrassed, and secondly, they would lock our system.”

Sir Dan said it took three months for the Harris Federation to get everything back to normal, and the cost was £750,000. This includes 30,000 devices that need to be "cleaned" after a hack.

Is there any question for criminals to want? The school group boss said that never.

“The money we have is for disadvantaged young people, and secondly, if we pay, we will open the door for other school groups to be attacked.”

It is not clear if there are similar scenarios behind M&S, as the company has only released limited information in its official statement and has not allowed anyone to be interviewed.

But people who claim to be working for retailers give a sense of chaos on social media.

On Reddit, identifying itself as a user of M&S workers, the BBC has not yet verified this, describing the impact of the cyberattack.

It was written that most internal systems were affected and experiments with “manual recovery operations with paper and pen” have been conducted.

Another poster said that the head office staff was working on weekends and the problem was “like going back to the past.”

Although some reported a shortage of goods, others described items, which meant food wasted - one said they had to pour out multiple pints of milk.

Apparently, other companies are watching closely what’s going on, even as another retailer co-op shut down some IT systems this week in response to separate cyber attacks.

"We are tinkering like crazy people," a retailer told the BBC.

In other words, they make sure every part of the system has the latest software and protection.

Sir Charlie Mayfield, former chairman of John Lewis, said other companies were too vulnerable to them.

"Online shopping has completely changed retail - as technology becomes more common, the risk of such attacks increases with it."

According to a survey of cybersecurity violations conducted by the UK government, 74% of large businesses said they were targeting cyber attacks last year.

Hackers can be difficult for those trapped in destruction.

Wedding designer Catherine Deane said it was “destructive” when her company’s Instagram account was hacked.

“It feels as if the carpet has been pulled from under us. Instagram is our main social platform and we invest the most time and business resources.

"To keep the account up to date, we post content every day. Suddenly, all this work…just pull.”

She told the BBC last month that it was difficult to solve the problem of Instagram owner Meta, describing it as "almost traumatic."

Last June, staff at London Hospital talked about how they worked with the consequences of the cyber attack, which led to many hours of extra work.

A key incident was announced after the ransomware attack targeted services provided by pathological enterprise Synnovis.

Services including blood transfusions were severely damaged in Guy and St. Thomas Hospital and King’s College Hospital (KCH).

"Then what the lab has to do is take blood samples and process them manually, which is a long and time-consuming process that requires a lot of staff and we have to provide extra people to help with it," Dr. Anneliese Rigby, consultant anesthesiologist at KCH.

It seems like there may still be a lot of tough days before M&S.

Other reports by Zoe Kleinman, Chris Vallance, Joe Tidy and Tom Gerken