Marks & Spencer has relaunched its click and collect service following a cyber attack that disrupted its operations four months ago. The supermarket had to halt online orders and experienced issues with contactless payments in stores after being targeted over the Easter weekend in April. M&S recently resumed online orders in June and has now confirmed the restoration of its click and collect service, allowing customers to purchase items online and pick them up in-store.
Additionally, M&S announced the full functionality of its Sparks app, enabling shoppers to access personalized discounts, birthday perks, and loyalty rewards. The cyber attack resulted in the theft of customer data such as names, email addresses, addresses, and dates of birth, though no payment details were compromised. Customers have been advised to exercise caution if contacted by individuals claiming to represent M&S and to change their passwords, especially if they have not accessed the Sparks app post-hack.
The cyber attack is estimated to cost the company around £300 million, impacting its annual profits. Prior to the attack, M&S had reported a significant increase in profits, reaching £875.5 million, the highest in over 15 years, owing to its successful turnaround initiatives. Company CEO Stuart Machin had previously stated that operations were expected to be fully restored by August. The investigation into the cyber attack remains ongoing, with collaborative efforts from law enforcement agencies to identify and prosecute the perpetrators.
As a gesture of appreciation to its employees, M&S temporarily increased the colleague discount from 20% to 30% for four days for 63,000 staff members. The company also extended a 10% discount to over 2,500 contractors and partners within its supply chain.
