Our understanding of this and its impact
Shaanaz Musafer, Liv McMahon and Ije Ndukwe

BBC News

Getty Images

The country may be enjoying sunny weather, but the storm clouds currently gathering on Marks & Spencer show no signs of fatigue.

Now we are entering the second week of a cyber attack that has struck one of the oldest and largest retailers in the UK, causing problems in stores and shutting down its online operations.

This is how we affect the attack and its impact.

Online orders have been suspended for nearly a week

A close-up photo of the Marks and Spencer website shows a black banner with white fonts to inform visitors: "We stopped ordering online".

The M&S issue started on the Easter weekend, with clients reporting issues with clicks and collections and contactless payments.

The company confirmed it was handling "network events" and although the services have been restored, it stopped online orders on its website and apps last Friday.

Now, for nearly a week, there is still no news about when online orders will be resumed.

Some stores are also missing certain foods because the company is trying to manage a cyberattack when it takes some of its systems offline.

The sign on the empty shelves read: "Please stand us, and we solved some technical issues that affect product availability."

It is believed that by the end of this weekend, food supply will return to normal, although it is not yet clear whether it remains the case.

This is a ransomware attack

M&S has been silent about the reasons behind its system attacks, but we now know that this is a ransomware attack.

This is a malware that is used to compete for vital data or files after accessing a business's computer system, locking it basically unless a ransom is paid.

Hackers often threaten to leak or sell data to oppress businesses to pay.

Security experts told the BBC on Tuesday that a ransomware group named "Dragonforce" was behind the attack.

The team had other cybercriminals rent their malware for attacks - leaving questions about those who might have done so.

But many people think it is a network of teen hackers known as scattered spiders.

It cost the company millions of dollars

London trademark and white logo on the door of Spencer branch read "Our digital click and collection services are temporarily unavailable" uppercase letter. Here is a statement: "We are experiencing technical issues with digital collection and returns. If you need help, talk to a colleague."

Cyberattacks have had a significant impact on retailers, and the longer it takes to process it, the greater the bottom line.

Its share price has fallen 6.5% since the start of technical issues, with more than £2 billion removed from the company's value.

Online accounts for one-third of M&S clothing and home sales. An average of £3.8 million is spent on its website and apps on clothing and home products every day.

Facing website problems, customers may go to the M&S store to buy items. But shoppers may also turn to competitor online retailers.

When people may want to buy new summer outfits, the problem coincides with a warmer day.

Catherine Shuttleworth of Savvy Marketing said the online impact is direct. “Given the ‘buy now’, other retailers will benefit from this opportunity.”

Analysts say M&S's reputation has suffered a "bruise", but they also say the street firm firm has a lot of feelings, so customers may give it some leeway.

There has been no significant rebound so far, and one client told the BBC staff “very charming” considering the cyber attack.

Suppliers are also affected

M&S suppliers say they have contacted retailers every day, but so far, their impact on them is minimal.

But Thea Green, CEO of beauty brand Nails Inc, told the BBC that her company will have a major release and she is nervous about it considering the M&S issue.

"It really has an impact on us - but it's a number for our business, so it's not a major impact. But they are very relevant UK customers."

Meanwhile, M&S must manage interruptions to a small portion of the products offered to Ocado, which offers M&S online food orders and is composed of M&S.

M&S doesn't speak

While the retailer was quick to inform customers of the violations initially, there was a lack of updates later.

It has issued only two public statements, the last of which was Friday, April 25.

It does not comment on the nature of the cyber attack, which is not uncommon in this case, but experts say uncertainty and the risk of persistent silence can undermine consumers’ trust in the brand.

"In today's hyperconnected world, silence can be disturbing, especially when trust and transparency are the most valuable items a brand can offer," said Kate Hardcastle, a consumer expert and business consultant.

Susannah Streeter of financial services firm Hargreaves Lansdown said M&S has not fulfilled its legal obligations given the holding statements on its website.

“But good communication and transparency are crucial to restoring confidence in the company and its systems,” she said.

“When it comes to reputational losses, there are risks in the company, and the longer the crisis lasts.”