Recommended reading

M&S online orders are back following cyberattack - here's what you need to know

News
By published

Online M&S orders return - is it safe to shop again?

Marks and Spencer store UK
(Image credit: Shutterstock.com / WD Stock Photos)
  • Marks and Spencer restarts some online orders
  • This follows a major cyberattack earlier in 2025
  • Some systems have still not recovered

Marks & Spencer (M&S) has resumed online orders, over a month after the high street giant was hit by a major cyberattack.

46 days after the incident, standard home delivery for most of M&S' clothing range is now available again across England, Scotland and Wales.

Click and collect orders are still suspended for now, with the company saying these will resume within "in the coming weeks", with a company spokesperson telling Reuters, "It's not the full range at the moment, we've focused on best sellers and newness...We'll be bringing product online everyday so customers will see that grow over the coming days."

Save up to 68% on identity theft protection for TechRadar readers!

Save up to 68% on identity theft protection for TechRadar readers!

TechRadar editors praise Aura's upfront pricing and simplicity. Aura also includes a password manager, VPN, and antivirus to make its security solution an even more compelling deal.

Preferred partner (What does this mean?)

View Deal

M&S orders restart

M&S was apparently hit by the attack on April 22, revealing news of the incident several days later.

It is thought the attackers were able to break into its systems by compromising workers at Tata Consultancy Services, an Indian firm which provided third-party services to M&S.

The company has forecast the attack could cost it around £300 million in lost operating profit in its financial year.

It was recently revealed the hackers contacted M&S CEO Stuart Machin in a mocking email the day after the attack, demanding payment for the attack.

This email was sent from the DragonForce hacking collective, which carries out such attacks in return for payment or reward from other parties in exchange for a cut of any ransom payments.

M&S has not confirmed whether it has paid a ransom to the hackers, but did admit some customer data was stolen in the attack. This did not include any passwords or card or payment details, but home addressess, phone numbers and dates of birth may have been affected.

Anyone concerned their data may have been taken, we recommend using a dark web monitoring service, or using a breach monitor such as Have I Been Pwned to check for potential exposures.

You might also like

Mike Moore
Mike Moore
Deputy Editor, TechRadar Pro

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.