Cliff Notes – M&S had no plan for cyber attacks, insider reveals
- M&S is facing a prolonged recovery from a severe cyber attack, with insiders stating it could take “months” and revealing the lack of a contingency plan for such incidents.
- The attack has led to the suspension of online orders and halted recruitment while employees adapt by using personal devices and unorthodox communication methods amid a chaotic environment.
- Government officials highlight the incident as a “wake-up call” for all UK businesses to prioritise cybersecurity measures amidst rising threats from cybercriminals.
M&S ‘had no plan’ for cyber attacks, insider reveals, with staff left sleeping in the office amid ‘paranoia’ and ‘chaos’ | UK News
A M&S insider has said it could be “months” before the retailer fully recovers from an ongoing, severe cyber attack – and that the company had no plan for such an incident.
Hackers have been holding the High Street brand to ransom for more than a week now, forcing it to suspend online orders and halt recruitment.
A whistleblower at M&S’s head office, who spoke on condition of anonymity, said that last week had been “just pure chaos”.
“We didn’t have any business continuity plan [for this], we didn’t have a cyber attack plan,” the source said.
“In general, it’s lots of stress. People have not been sleeping, people have spent their weekends working, people sleeping in the office – just reactive response.”
“The idea is to have some services go back online bit by bit. Not do the whole shebang, but allow the people in the store and to allow people online to have services.”