The £300 Million Aftermath: Marks & Spencer's Profit Collapse Reveals the True Cost of Cyber Resilience

British retail giant's profits plunge 55% following devastating Easter ransomware attack, but insurance payout and recovery plans signal path forward

Executive Summary

Marks & Spencer has revealed the full financial devastation of the Easter 2025 cyber attack that crippled its operations for weeks, with underlying pre-tax profits tumbling 55.4% to £184.1 million in the six months ending September 27. The attack cost the 141-year-old retail icon £324 million in lost sales and exposed the fragility of digital retail infrastructure, even as the company received a £100 million insurance payout and projects full recovery by March 2026. The incident represents one of the most financially damaging retail breaches in UK history and underscores how a single weekend of vulnerability can erase years of turnaround progress.

The Billion-Dollar Price Tag: How the Tata Motors/JLR Cyber Attack Exemplifies 2025’s Escalating Cyber Threat Costs

Bottom Line Up Front: The Jaguar Land Rover cyber attack has delivered a devastating financial blow to parent company Tata Motors, with direct costs of £196 million ($258 million) contributing to a staggering £485 million ($639 million) quarterly loss. This incident, which caused a five-week production shutdown and £1.9

Breached CompanyBreached Company

The Numbers Behind the Devastation

The scale of M&S's financial hemorrhaging defies typical retail disruption. Underlying pre-tax profits collapsed from £413.1 million to £184.1 million year-over-year, while statutory profits were nearly wiped out entirely, plunging 99% from £391.9 million to just £3.4 million. Online home and fashion sales—critical revenue streams generating approximately £3.8 million daily—collapsed by 42.9% during the crisis period.

Fashion sales bore the brunt of the attack, declining 16.4% overall as the digital channels that had become central to M&S's turnaround strategy went dark for six weeks. Store sales dropped 3.4% as logistics disruptions created empty shelves and stockouts across physical locations. Only the food division provided a lifeline, with sales rising 7.8% and volume growth of 2.8% helping cushion what CEO Stuart Machin called "an extraordinary moment in time for M&S."

The total impact assessment reveals £136 million in direct profit losses, including approximately £102 million in exceptional costs during the first half—legal fees, professional support, and the costly decision to bring the entire IT operation in-house following the termination of the Tata Consultancy Services contract. An additional £34 million in similar costs is projected for the second half of the financial year.

Cost Breakdown: The Financial Anatomy of the Breach

The insurance payout of £100 million, while substantial, covered only about one-third of the £324 million in lost sales, leaving M&S to absorb the remainder through cost reductions, operational efficiencies, and accelerated recovery initiatives. The company has increased its cost-cutting target to £600 million to help offset both the cyber attack impact and rising costs from the UK's national insurance hike.

UK Cyber Insurance Payouts Surge 234% as Global Market Faces Unprecedented Challenges

Executive Summary The UK cyber insurance landscape experienced a dramatic transformation in 2024, with payouts skyrocketing from £59 million to £197 million—a staggering 234% increase that signals both the growing sophistication of cyber threats and critical gaps in organizational preparedness. This surge occurred before several of 2025’s most devastating

Breached CompanyBreached Company

From Easter Weekend to Extended Outage

The attack that would define M&S's 2025 began over the Easter weekend when customers first reported issues with contactless payments and click-and-collect services. What initially appeared as technical glitches quickly escalated into a full-scale cyber crisis. By April 25, M&S had suspended all online orders, effectively shuttering the digital channels that represented a cornerstone of the company's multi-year transformation strategy.

The devastating ransomware assault, attributed to the Scattered Spider hacking collective working with DragonForce ransomware, encrypted critical servers and rendered key systems inaccessible. Intelligence suggests the breach may have begun as early as February 2025, when attackers allegedly stole the Windows domain's NTDS.dit file—a database containing password hashes that enabled lateral movement across M&S's entire network infrastructure.

The operational paralysis lasted far longer than typical ransomware incidents. Online shopping remained completely suspended for six weeks, while click-and-collect services—a hybrid model increasingly popular with UK consumers—didn't resume until August, nearly four months after the initial compromise. The extended downtime reflected not just the technical complexity of recovery, but also the forensic investigation requirements and the fundamental security rebuilding necessary to prevent reinfection.

Store operations faced cascading failures as supply chain systems struggled under the weight of the attack. Logistics disruptions created inventory gaps, forcing M&S to manage additional waste and transportation costs while simultaneously attempting to fulfill existing customer orders through alternative channels. The company's market value took an immediate £700 million hit, with shares dropping 6.5% in the week following the attack disclosure.

As detailed in our comprehensive coverage of the UK retail ransomware wave, M&S wasn't operating in isolation. The same threat actors targeted Co-op and Harrods in what authorities now classify as a coordinated campaign against British retail infrastructure, raising questions about industry-wide vulnerabilities and the sophistication of threat actor targeting.

The Human Error That Enabled Catastrophe

CEO Stuart Machin's characterization of the breach as resulting from "human error" points to the social engineering tactics that enabled the initial compromise. The attack vector—exploiting contractor access through sophisticated phishing and social engineering—represents an increasingly common pattern in high-profile breaches.

The subsequent termination of M&S's IT service desk contract with Tata Consultancy Services in July 2025, just months after TCS conducted an internal investigation into whether its helpdesk operations served as the entry point, illustrates the real-world consequences of third-party risk materialization. While TCS reported finding "no indicators of compromise within the TCS network," the damage to the relationship proved terminal.

The TCS contract termination signals a broader shift in how enterprises evaluate managed service relationships post-breach. Even when vendors claim technical innocence, the perception of risk and the need for accountability can overwhelm partnerships built over years. For M&S, bringing IT operations in-house represented not just a security decision but a strategic realignment of capabilities critical to the company's digital transformation.

The social engineering component highlights why technical controls alone cannot prevent sophisticated attacks. Scattered Spider, the group attributed to the M&S breach, has built its reputation on leveraging authentic-seeming communications to bypass security measures. Attackers convinced contractors to provide credentials or access, exploiting the inherent trust relationships that enable modern business operations.

Scattered Spider's Coordinated UK Retail Campaign

The four arrests made by the UK's National Crime Agency in July 2025—including a 17-year-old and three individuals aged 19-20—revealed the coordinated nature of the spring 2025 retail attack wave. According to the Cyber Monitoring Centre, the April attacks targeting M&S and Co-op have been classified as a "single combined cyber event" with financial impacts between £270 million and £440 million.

Scattered Spider operates as a decentralized, English-speaking network—unlike traditional Eastern European or Russian-based cybercrime groups—making it particularly effective at social engineering attacks against UK and US targets. The group's sophisticated tactics, combined with DragonForce's ransomware-as-a-service infrastructure, created a potent threat that overwhelmed retail defenses designed for more conventional attacks.

DragonForce's "RansomBay" service enables affiliates to white-label ransomware operations, taking a 20% cut of ransom proceeds while handling infrastructure, technical support, and leak site hosting. This business model democratizes sophisticated ransomware capabilities, allowing threat actors to focus on target selection and initial access while outsourcing the technical backend.

As documented in our analysis of major cyberattacks in late 2025, the spring retail campaign represented just one component of Scattered Spider's broader activities. The group has been linked to at least 120 computer network intrusions affecting 47 US entities between May 2022 and September 2025, with victims paying an estimated $115 million in ransom payments. High-profile targets have included MGM Resorts, Caesars Entertainment, and multiple luxury retailers in what security researchers describe as a systematic campaign against high-value consumer brands.

M&S Chairman Archie Norman declined to directly answer parliamentary questions about whether the retailer paid a ransom, maintaining ambiguity about a decision that could have significant precedent-setting implications for UK corporate cyber response strategies.

Teenagers Plead Not Guilty in £39M Transport for London Cyber Attack as Trial Date Set for June 2026

Breaking: Suspected Scattered Spider members deny all charges in devastating TfL breach that paralyzed London’s transport infrastructure In a significant development in one of the UK’s most high-profile cybercrime cases, two teenagers accused of orchestrating the devastating Transport for London (TfL) cyber attack have formally pleaded not guilty to all

Breached CompanyBreached Company

Competitor Gains and Market Share Erosion

While M&S struggled through its "catastrophic summer," competitors seized the opportunity to capture displaced customers. Next, a direct rival in the UK clothing market, reported a 10.5% sales increase in October, building on 7.6% growth earlier in the year. The competitive dynamics reveal how quickly market leadership can erode when digital infrastructure fails.

"Its rivals made hay while the sun shone," observed Dan Coatsworth, head of markets at AJ Bell. "Next among the names luring customers away from M&S during the lengthy period of disruption." The concern for M&S extends beyond immediate sales losses to the risk of permanent customer migration. "M&S says the recovery in trading for clothing has been slower than food, suggesting that some people who tasted the flavours of rival retailers might not necessarily come back quickly."

The differing recovery trajectories between food and fashion divisions highlight the unique challenges of winning back customers in discretionary categories. Food shopping involves habitual patterns and convenience factors that can drive customers back to familiar stores once operations normalize. Fashion, however, involves brand affinity, style perception, and emotional connections that competitors can cultivate during extended outages.

M&S has responded with aggressive marketing initiatives, including a shift toward brand and social media campaigns, the launch of TikTok Shop for a beauty pilot, and the "Love That" YouTube fashion series. Rather than a single hero festive ad, the company is deploying mini content drops designed for social-first storytelling—an attempt to rebuild mindshare in an environment where digital channels proved vulnerable to disruption.

The company claims to have regained the number one position for style according to YouGov data and leads in fashion market share for the past 12 weeks according to Kantar. Food division performance shows 800,000 more customers year-over-year and 14 million additional shopping trips, suggesting the recovery is gaining traction in at least some segments.

The Insurance Reality Check

The £100 million cyber insurance payout represents one of the largest publicly disclosed retail breach recoveries, but it also illustrates the gap between insurance coverage and actual losses. At approximately 31% of the £324 million in lost sales, the insurance proceeds covered less than one-third of the financial damage—and that calculation excludes the additional costs of response, recovery, and business transformation initiatives undertaken in the breach aftermath.

The evolving cyber insurance market now conducts detailed assessments of vendor relationships, security practices, and incident response capabilities before underwriting policies. Premium pricing and coverage terms increasingly reflect third-party risk management quality, creating incentives for enterprises to elevate security standards across the supply chain.

For companies considering cyber insurance strategies, the M&S case demonstrates both the value and limitations of coverage. The £100 million payout provided critical financial cushioning that helped M&S maintain operations and investor confidence during the recovery period. However, the substantial uncovered losses underscore why insurance should complement—not replace—comprehensive security investments and incident response capabilities.

Vendor Risk Management Tool | Third-Party Risk Assessment

Comprehensive vendor risk assessment tool for CISOs and security teams. Evaluate third-party vendors across 23 security dimensions with weighted scoring and auto-recommendations.

CISO MarketplaceCISO Marketplace

Post-breach, insurers often condition continued coverage on demonstrable security improvements, which may include vendor changes, architecture modernization, or enhanced monitoring capabilities. The decision to terminate the TCS contract and bring IT operations in-house likely factors into M&S's future insurability and premium calculations, reflecting how breach response decisions cascade into long-term cost structures.

Recovery Trajectory and Forward Outlook

CEO Stuart Machin projects the business will achieve full recovery by the end of the financial year in March 2026, with second-half profits expected to be "at least in line with last year." This guidance suggests £468 million in second-half profits to match the prior year period—a target that requires M&S to substantially outperform its devastated first half.

The recovery strategy centers on several pillars. The £600 million cost-reduction program aims to offset both cyber attack impacts and rising operational costs from UK regulatory changes, including increased employer national insurance contributions and new packaging taxes. Food division strength provides a foundation, with M&S claiming the position of "fastest growing grocery retailer" in recent Kantar data and benefiting from the success of its Ocado Retail partnership, which saw revenue up 14.9% to £1.5 billion.

Online sales are improving across categories, though the "recovery curve has been slower than food" in fashion, home and beauty. The company is betting on the critical holiday shopping season to rebuild momentum, supported by enhanced marketing, social media expansion, and the return to full operational capacity across all channels.

Investor sentiment has tentatively recovered, with M&S shares trading at approximately 12.5 times 2026 earnings estimates—suggesting the market is pricing in a successful turnaround despite the setback. Deutsche Numis Research maintained a buy rating with a £4.35 share price target, noting that while early-year operating challenges were significant, the insurance payout helped profits exceed expectations.

The November 12 Capital Markets Day will be critical for providing stakeholders with detailed visibility into inventory management, long-term strategy, and the security investments that will prevent future incidents. Investors are seeking assurance that the turnaround plan—which had delivered the highest annual profit performance in over 15 years before the cyber attack—remains on track despite the disruption.

Parallels to the Automotive Sector's Cyber Reckoning

The M&S profit collapse shares striking parallels with another high-profile 2025 breach: the Jaguar Land Rover cyber attack that cost parent company Tata Motors £196 million and contributed to a £485 million quarterly loss. Both incidents demonstrate how cyber events can erase years of operational progress and force enterprises to fundamentally reassess digital dependencies.

The JLR breach on August 31, 2025, disrupted production scheduling, supply chain coordination, and customer delivery systems—much as the M&S attack paralyzed retail operations and logistics. In both cases, the financial damage extended far beyond immediate ransom demands or recovery costs to encompass lost revenue, market share erosion, and the expensive restructuring of technology operations.

Both companies share another connection: Tata Group ownership or partnership. TCS, a Tata subsidiary, served as M&S's IT service desk provider before the contract termination, while Tata Motors owns JLR outright. The convergence raises questions about whether common security practices, vendor relationships, or cultural approaches to cybersecurity may have contributed to vulnerability patterns across the Tata ecosystem.

The automotive and retail sectors face similar challenges: complex supply chains, extensive third-party relationships, and digital transformation initiatives that create expanded attack surfaces. As detailed in our JLR analysis, the escalating cyber threat costs reflect not just ransomware sophistication but the increasing integration of digital systems into core business processes. When those systems fail, the cascading impacts can paralyze operations that once had manual fallbacks.

Broader UK Retail Vulnerability Landscape

M&S operates within an ecosystem of vulnerability that extends across the UK retail sector. Harrods' September data breach affecting 430,000 customers through a third-party compromise demonstrated how supply chain attacks exploit vendor relationships. Co-op's concurrent breach during the spring campaign further illustrated the coordinated nature of threat actor targeting.

The 2025 luxury brands under siege extended beyond UK borders, with Kering's portfolio (Gucci, Balenciaga, Alexander McQueen), Victoria's Secret, and Cartier all experiencing significant breaches. The pattern suggests threat actors have identified retail—and luxury retail in particular—as a target-rich environment with unique vulnerabilities.

Several factors make retailers particularly attractive to sophisticated threat actors:

High-value customer data: Retail databases contain not just contact information but purchasing behavior, preference data, and in luxury cases, evidence of wealth that enables secondary targeting.

Brand sensitivity: Companies built on trust and reputation face disproportionate damage from breaches, creating pressure to pay ransoms rather than risk customer data exposure.

Complex vendor ecosystems: Retail operations depend on dozens of third-party providers for e-commerce, logistics, payment processing, and marketing—each representing potential compromise vectors.

Digital transformation pressure: The rapid shift to omnichannel retail created security gaps as legacy systems integrated with modern platforms, often with insufficient security architecture review.

The UK's National Cyber Security Centre has issued urgent guidance for retailers to strengthen defenses, emphasizing the need for robust vendor security assessments, multi-factor authentication enforcement, and sophisticated social engineering awareness training. The wave of spring attacks demonstrated that technical controls alone cannot prevent breaches when threat actors can convince employees or contractors to provide access.

The Third-Party Risk Multiplier Effect

The M&S breach exemplifies a critical vulnerability in enterprise security models: organizations invest heavily in protecting their own systems while lacking visibility into the security posture of essential partners. The TCS contract termination illustrates how third-party relationships—even when vendors report no technical compromise—can become casualties of breach response.

TCS serves 211 UK clients across critical sectors including finance, energy, water, and nuclear. The company's parliamentary testimony emphasized finding "no indicators of compromise within the TCS network" for incidents including attacks on M&S, Co-op, and Jaguar Land Rover. However, the challenge extends beyond technical security. Even perfect security hygiene won't prevent client contract terminations if the perception of risk overwhelms the reality.

The interconnected nature of modern business operations creates cascading risks when supply chain partners fall victim to attacks. The Salesloft Drift OAuth compromise demonstrated how third-party SaaS connectors can create incidents across multiple client environments. The M&S attack showed how social engineering targeting contractors can disable major retail operations for extended periods.

Organizations must now implement comprehensive third-party risk management programs that go beyond annual questionnaires to include continuous monitoring, security testing, and incident response coordination. The average cost of a data breach originating from third-party systems has reached $4.8 million—making vendor security a board-level concern rather than a procurement checkbox.

The Human Cost: Customer Data Exposure

Beyond the financial devastation, the M&S breach compromised customer personal data including names, email addresses, postal addresses, and dates of birth. While M&S emphasized that payment details and passwords were not stolen—a distinction that provides some mitigation against immediate financial fraud—the exposed information enables sophisticated phishing campaigns and social engineering attacks for years to come.

Customer data breaches create long-tail risks that persist long after operational recovery. The information harvested in the M&S breach can be combined with other data sources to build comprehensive profiles for targeted fraud. Email addresses and names enable phishing attacks that reference authentic M&S customer relationships. Postal addresses and dates of birth provide ammunition for identity theft and social engineering schemes.

The reputational impact of customer data exposure can exceed operational disruption costs. M&S built its brand on trust, quality, and reliable service over 141 years. A breach that exposes customer information—particularly during a high-profile operational meltdown—erodes the consumer confidence that underpins premium pricing and brand loyalty.

M&S has implemented notification protocols and offered guidance to affected customers, but the industry struggles with how to meaningfully compensate individuals for data exposure when no immediate financial loss occurs. Credit monitoring services—the typical corporate response—provide limited protection against the sophisticated social engineering attacks enabled by comprehensive personal data.

Strategic Implications for the Retail Sector

The M&S case study provides critical lessons for retail executives navigating digital transformation in an era of sophisticated cyber threats:

Digital dependency creates systemic vulnerability: M&S's six-week online shutdown demonstrated how digital channels—once value-adds to physical retail—have become critical infrastructure whose failure can threaten enterprise viability. Retailers must architect resilient systems with robust failover capabilities and manual backup processes for critical functions.

Insurance provides partial but incomplete protection: The £100 million payout covered only one-third of lost sales and none of the long-term strategic costs. Insurance should complement comprehensive security investments, not replace them. Organizations should carefully evaluate coverage limits, exclusions, and conditions to understand actual financial exposure.

Third-party risk requires continuous vigilance: The social engineering attack vector through contractor access highlights why vendor security must be an ongoing priority. Annual assessments are insufficient; organizations need continuous monitoring, regular penetration testing of vendor access points, and incident response coordination protocols.

Recovery timelines extend beyond technical restoration: M&S's four-month click-and-collect outage reflected not just system rebuilding but forensic investigation, security architecture redesign, and the need to prevent reinfection. Executives should plan for extended disruptions that impact multiple quarters rather than assuming rapid bounce-back from cyber incidents.

Market share erosion can be permanent: The slower fashion recovery compared to food shows how competitors can convert temporary disruptions into lasting customer losses. Retailers must implement aggressive customer retention strategies immediately following breaches rather than assuming loyalty will survive operational failures.

Regulatory and cost pressures compound cyber impacts: M&S faces not just breach recovery but also £50 million in increased national insurance costs and new packaging taxes. Cyber incidents hit during periods of operational stress can create cascading financial pressure that threatens transformation initiatives.

The £300 Million Question: Is UK Retail Prepared?

The spring 2025 wave of attacks against M&S, Co-op, Harrods, and other UK retailers raises uncomfortable questions about sector-wide preparedness. The coordinated nature of the campaign—attributed to Scattered Spider and utilizing DragonForce ransomware infrastructure—suggests threat actors have identified systematic vulnerabilities in British retail security architecture.

The sector faces unique challenges that differentiate retail from other industries:

Legacy system integration: Many established retailers operate hybrid environments where decades-old inventory and point-of-sale systems interface with modern e-commerce platforms, creating security gaps at integration points.

Seasonal surge capacity: Retail infrastructure must scale dramatically for peak shopping periods, often requiring temporary staff, contractors, and expanded vendor relationships that challenge security protocols.

Omnichannel complexity: Modern retail spans physical stores, e-commerce, mobile apps, social commerce, and emerging channels like TikTok Shop—each with distinct security requirements and integration challenges.

Vendor ecosystem depth: A single transaction may touch payment processors, logistics providers, marketing platforms, customer service systems, and analytics tools—creating an expansive attack surface with variable security maturity.

The UK's National Cyber Security Centre has prioritized retail security guidance, but implementation remains inconsistent. Smaller retailers lack the resources for sophisticated security programs, while even major players like M&S have struggled to prevent social engineering attacks that bypass technical controls.

The financial devastation experienced by M&S provides a stark warning: the cost of inadequate cybersecurity far exceeds the investment in preventative measures. The company's £102 million in first-half exceptional costs, £324 million in lost sales, and long-term competitive erosion demonstrate how a single weekend of vulnerability can erase years of operational progress.

The Path Forward: Building Cyber Resilience in Retail

M&S's journey from catastrophic breach to projected recovery offers a blueprint for retail cyber resilience:

Bring critical capabilities in-house: The decision to terminate the TCS contract and internalize IT operations reflects a strategic choice to directly control security-critical functions. While outsourcing offers cost benefits, breaches can expose the hidden costs of reduced visibility and control.

Invest in comprehensive insurance: The £100 million payout provided critical financial cushioning, even if insufficient to cover total losses. Organizations should model various breach scenarios to determine appropriate coverage levels and ensure policies align with actual risk exposure.

Implement robust incident response plans: M&S's extended recovery timeline suggests opportunities for improvement in breach response capabilities. Organizations should regularly test incident response plans, maintain updated system inventories, and establish clear decision-making protocols for crisis situations.

Prioritize social engineering defense: Technical controls are necessary but insufficient against sophisticated threat actors. Comprehensive security awareness training, regular phishing simulations, and a culture of security skepticism can help prevent the initial compromise that enables broader attacks.

Architect for resilience: Digital retail infrastructure should be designed with the assumption that breaches will occur. Segregated networks, robust backup systems, and the ability to operate in degraded modes can limit the operational impact of successful attacks.

Accelerate threat intelligence sharing: The coordinated nature of the spring retail campaign suggests information sharing across the sector could have provided early warning. Industry groups and government partnerships can help retailers identify emerging threats and share defensive strategies.

Conclusion: The New Reality of Retail Cybersecurity

Marks & Spencer's £300 million breach represents more than a financial catastrophe for a single retailer—it exemplifies the new reality facing all consumer-facing enterprises in 2025. The attack demonstrated how sophisticated threat actors can systematically target an entire industry sector, exploiting common vulnerabilities in vendor relationships, social engineering susceptibility, and digital transformation gaps.

The profit collapse from £413 million to £184 million in underlying pre-tax earnings illustrates the existential threat cyber attacks pose to corporate performance. The near-total wipeout of statutory profits—from £391.9 million to £3.4 million—shows how quickly breach costs can overwhelm even well-established businesses.

Yet M&S's story is not merely one of devastation but also of resilience. The company's ability to secure £100 million in insurance proceeds, rapidly implement cost-reduction programs, bring IT operations in-house, and project full recovery within a year demonstrates the value of robust financial foundations and decisive leadership during crisis.

The path forward requires acknowledging uncomfortable truths: digital transformation creates vulnerability as well as opportunity. Third-party relationships multiply attack surfaces. Social engineering remains the weakest link in security architecture. And the financial cost of breaches—from immediate operational losses to long-term competitive erosion—far exceeds traditional risk calculations.

As retailers enter the critical holiday shopping season of 2025, the lessons of M&S's catastrophic summer loom large. The question is no longer whether sophisticated attacks will target retail infrastructure, but whether the sector will invest in the comprehensive security capabilities necessary to withstand inevitable threats.

For M&S, the journey from Easter weekend compromise to projected March 2026 recovery will test whether a 141-year-old retail institution can emerge stronger from its most challenging cyber crisis. For the broader retail sector, the £300 million price tag serves as a warning: in an era of sophisticated, coordinated cyber attacks, resilience is not optional—it's existential.

Related Coverage

• UK Retail Cyberattacks: A Deep Dive into the 2025 Ransomware Wave
• When Trust Breaks: M&S Ends IT Service Desk Contract with TCS After £300M Cyber Attack
• Major Breakthrough: Four Arrested in £440M Cyber Attacks on UK Retail Giants
• The Billion-Dollar Price Tag: How the Tata Motors JLR Cyber Attack Exemplifies 2025's Escalating Cyber Threat Costs
• Harrods Data Breach: 430,000 Customer Records Exposed in Third-Party Security Incident
• Luxury Brands Under Siege: The 2025 Cyberattack Wave Targeting High-End Retail

This analysis is based on M&S's official financial disclosures, public statements, and industry reporting. For the latest updates on the evolving retail cybersecurity landscape, continue following Breached Company's comprehensive coverage.