M&S cyber attack's noteworthy consequences for the company's fate and your investments – insights from ANNE ASHWORTH
The cyber assault on Marks & Spencer, rumored to be the work of an underage gang of hackers, has sent shockwaves throughout the retail landscape and left investors in a state of dismay.
This wasn't just any random hack; it was an attack on M&S—a significantly more unsettling scenario, given the Metropolitan Police's involvement in the investigation. Social media is rife with customer anger over the situation, and shares have taken a hit, plummeting by 5% in recent days.
The sudden pause in online and app orders, combined with the sending home of warehouse staff during a record-breaking heatwave, has worsened the situation. Sales have been battered as summer ranges struggled to gain traction in virtual shopping carts.
Susannah Streeter of investment platform Hargreaves Lansdown opines, 'With demand for fashion likely to take a big hit, this heatwave is a two-pronged attack on M&S's sales.'
M&S executives, in collaboration with the National Cyber Security Centre (NCSC), are working tirelessly to resolve the crisis. Although the company is keeping mum about the nature of the investigation, progress has been made: contactless payments in stores have been restored.
Click-and-collect, a method of delivery that boosts foot traffic to brick-and-mortar stores (numbering 1,492), remains unavailable. The attention garnered by the hack has sparked speculation about a possible shift in strategy at the retailer.
As a £7.76bn FTSE 100 company, M&S boasts daily online sales of £3.5 million in clothing and homeware, accounting for about one-third of their total sales. The goal is for this to exceed fifty percent, positioning M&S as a trailblazing multi-channel retailer of the modern era.
The apprehension surrounding this plan has been exacerbated by the power outages in Spain and Portugal, which starkly demonstrated our increasing dependency on technology.
Although there's no concrete evidence linking these blackouts to a hack, they serve as a stark reminder of the vulnerability of nations and corporations in the face of ruthless hackers eager to exploit weaknesses in technology systems.
Chairman Archie Norman and CEO Stuart Machin might now be contemplating a change in strategy. Machin, appointed to the top position in 2022, is known for his dissatisfaction with progress, always aiming for better. Norman shares a similar commitment to relentless improvement, having described their collaboration as a 'high-wire act.'
A bumper Christmas trading season, fueled by popular festive treats like pigs in blankets double-wrapped in bacon, turkey feast sandwiches, and panettone, further reinforced the pair's ambition to revive this 141-year-old retailing mainstay.
However, Norman reiterated his commitment, stating, 'We believe maintaining the spirit of the turnaround is essential, as changing a business takes a long time.'
Norman, with his illustrious career that includes a stint as an MP and as chairman of ITV, has only two years left at M&S to fulfill his goal of completely revitalizing this esteemed retailing institution. A nine-year tenure as chairman is the City's unspoken rule.
The Norman-Machin overhaul of the chain, transforming it from staid to hip, is considered one of the decade's UK corporate success stories—which may explain the silence regarding potential leadership changes.
Despite the recent setback, shares are still up 290% over the past five years, thanks to advancements in food and fashion.
Rumors suggest that Scattered Spider, a notorious ransomware group with ties to the US and the UK, may be behind the M&S hack. These seasoned hackers are adept at exploiting vulnerabilities in target companies' systems, as well as tricking IT help desks through phishing emails.
In February, Scattered Spider allegedly stole software from M&S systems, which may have granted them the authentication needed to infiltrate parts of the network. In April, they supposedly employed DragonForce, a malicious software known for freezing systems, making them unusable, and creating chaos in orders, payments, and other operations.
DragonForce disables anti-virus software, regularly communicating back to the hackers to provide information it has gathered. The hackers then demand payment for the 'keys' that unlock decryption and restore operations. It remains unclear to what extent the hackers have infiltrated M&S systems and whether they have stolen customers' data, including card details and passwords.
As cybercrime continues to plague the business world, the emphasis shifts to building resilient frameworks to win back the trust of concerned customers and investors. The fallout from the M&S hack may prompt a reevaluation of the speed of the switch to online commerce ahead of the results for the year to March, which are set to be announced on May 21.
Last year, M&S posted profits before tax of £716.4 million. A rise to £830 million is projected for the 2024-2025 year. However, losses resulting from the hack will affect this year's profits. Analysts at Quilter Cheviot suggest that M&S needs to focus on getting through this cyber attack in good shape and ensuring customer trust in order to capitalize on the momentum created by Norman and Machin and combat any other challenges.
- The hack on M&S, possibly by Scattered Spider, a notorious ransomware group, has shaken the world of finance, technology, and general-news.
- The hackers, known for their sophisticated tactics, might have stolen customers' sensitive data, including card details and passwords, in their attempt to exploit the retailer's technology systems.
- As the investigation progresses, retailing giants like M&S are reminded of the importance of strengthening their defenses against hackers, ensuring the protection of customer information and maintaining trust in the gourmet food and clothing markets.
- With the growing dependence on retail technology, sports fanatics around the world follow the M&S hack saga closely, anticipating its impact on the company's profits and future strategies.
- As M&S executives navigate the aftermath of the attack, they are challenged to redefine their priorities in the face of heightened concerns about the security of cryptocurrency transactions and other digital operations.
