M&S warns of £300m hacking crisis hit - and disruption could last months

Marks and Spencer (M&S) has warned investors it is facing a £300m hit to trading profits as a result of last month's ransomware attack.

The company said it was aiming to reduce the figure significantly through management of some costs, including the prospect of insurance payouts, but added disruption to its operations could last into July. The continuing fallout from last month's cyberattack is hanging over the retailer's outlook as its online channels remain down for payments.

Website sales are expected to resume, at least partially, in a couple of weeks' time. Money latest: Reaction to inflation spike M&S said it could not comment on whether it had paid a ransom to the hackers.

Chief executive Stuart Machin, who blamed "human error" for the attack, told an analysts' call the company was "on the road to recovery" and "getting back to business". It is widely believed the group fell victim to the same hackers, known as Scattered Spider, who were linked to similar attacks on the Co-op and Harrods towards the end of April.

Both M&S and the Co-op have admitted personal customer data was snatched, but say the thefts were limited to names and contact details, with payment details safe. The Co-op said last week it was aiming to improve grocery availability in its stores but progress is believed to have been limited so far, with some empty shelves still being reported.

M&S has seen more than one billion pounds lost from its stock market value since it declared the incident on 22 April. The company said of its predicament: "Over the last few weeks, we have been managing a highly sophisticated cyber incident.

As a team, we have worked around the clock with suppliers and partners to contain the incident and stabilise operations, taking proactive measures to minimise the disruption for customers. "We are seeking to make the most of the opportunity to accelerate the pace of improvement of our technology transformation and have found new and innovative ways of working.

"We are focused on recovery, restoring our systems, operations and customer proposition over the rest of the first half, with the aim of exiting this period a much stronger business. "Since the incident, Food sales have been impacted by reduced availability, although this is already improving.

We have also incurred additional waste and logistics costs, due to the need to operate manual processes, impacting profit in the first quarter. "In Fashion, Home & Beauty, online sales and trading profit have been heavily impacted by the necessary decision to pause online shopping, however stores have remained resilient.

"We expect online disruption to continue throughout June and into July as we restart, then ramp up operations. This will also mean increased stock management costs in the second quarter." The statement added the anticipated hit to operating profits this year will be around £300m for 2025/26, which will be reduced through management of costs, insurance and other trading actions.

It is expected that costs directly relating to the incident will be presented separately as an adjusting item. Read more:What should M&S customers do after cyber theft?Thousands of UK firms at risk from M&S-style hackers Mr Machin thanked customers for being "unwavering in their support" for the chain.

"This incident is a bump in the road, and we will come out of this in better shape, and continue our plan to reshape M&S for customers, colleagues and shareholders," he said. M&S gave the update while revealing financial results for the year to 29 March.

They showed trading profits at a 15-year high. M&S reported a 22.2% rise to £875.5m, with sales up across each of its product divisions.

Shareholders were rewarded with a 20% increase in the final dividend. However, that failed to placate investors as the share price fell by almost 3.5% at the market open on Wednesday.

Dan Coatsworth, investment analyst at AJ Bell, said of the update: "Marks & Spencer has lost a significant number of sales after temporarily halting online orders. Disruption to supplies meant gaps on the shelves and more lost sales in-store.

It has also incurred extra waste and logistics costs, all having a negative impact on profit. "The fact online operations might not be back to full power until later in the summer means the company still cannot achieve full earnings potential for some time to come.

Marks & Spencer will be able to lower the total hit to profit once it claims on insurance, among other factors, but the cyber-attack has still knocked the business for six. "There's still a big unknown regarding any potential fines on Marks & Spencer from the Information Commissioner's Office (ICO), which enforces data protection regulation.

"There are plenty of examples of companies that have been fined by the ICO for not taking appropriate steps to prevent data breaches. The maximum fine by the ICO is £17.5m or 4% of global annual turnover, whichever is higher.

Marks & Spencer has just reported £13.8bn revenue, so 4% of that figure is £552m. "That's in a worst-case scenario, and any fine would account for many different factors.

We're unlikely to find out in the near term if there will be a fine as there will be investigations galore into exactly what's happened and into the retailer's overall data protection capabilities.".