Cyber Attack Unpreparedness Alleged at M&S, Says Insider, with Staff Reportedly Slumbering in Office Amid Panic and Disarray
A M&S Insider's Tale of Chaos: Months of Recovery from a Devastating Cyberattack
The retail giant Marks & Spencer (M&S) has been under siege for over a week now, pinned down by a relentless cyber attack that's left them reeling. This unanticipated digital onslaught has forced the High Street brand to halt online orders and recruitment, sending ripples across its operations.
According to an insider from M&S's head office, speaking on condition of anonymity, the last week has been a "pure chaos." The source mentions the absence of a business continuity plan or a cyber attack plan within the company, leading to an unprecedented situation.
"It's just lots of stress. People have not been sleeping, people have spent their weekends working, and people are sleeping in the office—just a reactive response," the insider explains.
The insider predicts a few months of disruption before things return to normal. In a bid to minimize the fallout, the plan is to bring back online services gradually, starting with providing some services to both in-store and online customers. However, it appears that this mammoth task won't involve a complete systems overhaul.
In the meanwhile, employees have been forced to rely on personal devices due to restrictions on the use of corporate devices. The internal advice seems to be shifting constantly, making the situation virtually impossible to navigate.
"We're kind of figuring it out as we go," the source admits. The insider also shares that they aren't even allowed to discuss the incident on Teams, the usual communication platform, and are using WhatsApp instead to communicate with colleagues.
The insider further reveals a sense of paranoia within the company, as employees are still unsure whether hackers have infiltrated M&S's system. When asked about the possibility of internal compromise, the source replies, "It's possible, that's a possibility. I don't know, and it hasn't been said, but it's a possibility, and you have to be careful."
M&S expressed its apologies to customers on Friday, acknowledging the inconvenience owing to the cyberattack. M&S chief executive Stuart Machin stated that they are working tirelessly to manage the incident and restore normalcy as quickly as possible. An M&S spokesperson added that the company has robust business continuity plans and processes in place for handling such incidents.
According to our reports, the executive team at M&S exercised a cyber incident simulation last year, but it remains unclear whether they were adequately prepared for a real-world cyberattack on this scale. Other corporations, such as Harrods and the Co-op Group, have also been targeted by hackers recently.
Cyberattacks: A Call to Action
With the alarming increase in cyberattacks on businesses, UK's Cabinet Office Minister Pat McFadden will issue a wake-up call to every business in the UK. In a speech at the CyberUK conference in Manchester, McFadden will stress the importance of treating cybersecurity as a top priority, likening it to securing cars and homes in daily life.
These attacks have disrupted not only businesses but also families' everyday lives, serving as a stark reminder of the urgent need for robust cybersecurity measures. The government is stepping up efforts to help businesses improve their cyber defenses and will provide guidelines and resources to this end.
The ongoing cyberattack on Marks & Spencer (M&S) has highlighted the need for better cybersecurity measures, as the lack of a cyber attack plan within the company has led to chaos and disruption. Moreover, the attack underscores the increasing importance of treating cybersecurity like war, a concept that UK's Cabinet Office Minister Pat McFadden will emphasize at the CyberUK conference in Manchester.
