M&S shoppers alerted as cyber attack can take ‘weeks’ to fix | Personal Finance | Finance

M&S shoppers have been urged to look out for suspicious emails as the shop chain continues to be affected after a major cyber attack. One customer asked the shop chain on social media on Monday (May 26), when online ordering services would be back up and running, as they have been down for several weeks now. The group said in response: “All online ordering is currently unavailable.

“We can’t confirm when it will resume at the moment, but we are working very hard to get operations back online.” M&S previously released a statement warning that some customer details had been taken in the attack, including email addresses and order histories.

Cyber expert Durgan Cooper, who advises the House of Lords, encouraged shoppers to be vigilant of bogus messages pretending to be from M&S.

He said: “Importantly, customers should avoid clicking on unsolicited emails or messages claiming to offer ‘M&S workarounds’ or discounts — cybercriminals often exploit confusion following incidents like this.”

Mr Cooper further shared security practices people can use to avoid being taken in by scams and targeted by cyber criminals:

• Avoid reusing passwords across sites; use a password manager if needed.
• Enable multi-factor authentication where possible
• Limit reliance on a single retailer for essentials — especially for recurring or time-sensitive orders
• Monitor bank accounts and personal information if you’ve shopped online recently — breaches can expose sensitive data
• Stay alert to phishing attempts masquerading as updates or refund offers from affected brands.