Retail Giant Marks & Spencer has confirmed cybersecurity incidents as customers report on continued disruption and outages.
The British retailer on Tuesday informed customers in a notification seen by TechCrunch that the company has been “managing cyber incidents” over the last few days. The notice signed by CEO Stuart Machine said operational changes need to be made “to protect (the customer) and the business.”
The company said stores remain open and the website and app are operating normally.
In a filing with the London Stock Exchange, Marks & Spencer also notified data protection authorities that they were involved with external cybersecurity experts to investigate the incident.
It is not immediately clear what the nature of the cyberattack is, or whether customer data has been affected.
One customer told TechCrunch that payment card devices in-store are not working for them. Several other customers reported similar outages on social media at various outlets and confusion with orders.
Marks & Spencer spokesman Lucy Reynolds told TechCrunch that the company began restricting some of its operations on Monday, including store clicks and collection pickups and contactless payments. Uncondemned payments are working again, the spokesman added.
The spokesman refused to answer questions related to cyberattacks.
In response to one customer at X, Marks & Spencer said “we’re working hard to solve some technical issues in our store.”
Marks & Spencer claims to serve 32 million customers each year, following their 2024 annual report.
Updated with an answer from Marks & Spencer.