Anger grows as M&S forced to halt online sales for second day after cyber attack

Marks & Spencer shoppers were unable to buy goods online for a second consecutive day yesterday, as the retailer continued to fight the fallout from a cyber attack.

Stores have remained open but the company has entirely paused orders on its website and apps, including for food deliveries and clothes, while pledging to refund orders.

The firm's click and collect service, where customers order items online then pick them up from a store, was also down. 

One shopper, who visited a store to collect an order, said: 'They need to do a better job communicating about click and collect. "May be some disruption," does not equal "Don't travel to store, you can't collect your order".'

Another added: 'Communication is non-existent. Got my email to collect my order, went into store, no one around click and collect area, screens were black, but the scanner was still working. Had to go to the checkout at the other side of the store to find staff to ask.' 

More than £500 million has been wiped off the value of M&S on the stock market in the wake of the problems which began last weekend – and the company faces losing up to £3.7 million a day as problems continue.

M&S has called in cyber experts to help tackle the system meltdown including CrowdStrike, the US cyber security giant.

Marks & Spencer shoppers were unable to buy goods online for a second consecutive day yesterday, as the retailer continued to fight the fallout from a cyber attack

The firm's click and collect service, where customers order items online then pick them up from a store, was also down

Stores have remained open but the company has entirely paused orders on its website and apps, including for food deliveries and clothes, while pledging to refund orders

It is not known who is behind the attack but last night a source close to the situation dismissed suggestions that Russian agents could be to blame, with 'criminals' suggested to be the most likely option. 

In such attacks, criminals typically infiltrate an IT system, freeze it and demand payment from companies.

M&S has not provided an expected time frame for the problem to be resolved but the attack comes amid a busy period for retailers, as stores head into the summer season.

Nicholas Found, from consultancy Retail Economics, said the incident was 'a stark reminder that no retailer, no matter how established or digitally sophisticated, is immune from the escalating threat of cyber crime'.