Marks Spencer Cyberattack Sparks Insurance Claim Worth £100 Million GBP

Marks & Spencer is poised to file an insurance claim of up to £100 million following a recent cyberattack that severely disrupted its operations. The retailer’s main insurance policy, facilitated by Allianz, is set to cover an initial £10 million of its losses, with further payouts possible. Beazley, a specialist insurer in cyberattack coverage, is also reportedly exposed under the claim, as per sources from the Financial Times.

The cyberattack left a significant impact on M&S’s operations. For more than three weeks, its online services were crippled, while contactless payment systems and click-and-collect orders were also affected. Despite the disruption, M&S confirmed that while customer data had been stolen, no payment card details or account passwords were compromised. These assurances were aimed at calming user concerns while investigations into the incident continue.

These revelations did not appear to dampen investor confidence. M&S shares rose by 3.7%, with stocks climbing 12½p to 358p on the FTSE 100 index. The retailer is expected to provide an update on the incident, including financial ramifications when it announces its full-year results next week.

Dior, another prominent retail brand, recently confirmed it too had been targeted by hackers. In a message to its customers, Dior explained that an unauthorised party had accessed a database holding customer records, but assured that security measures were taken promptly to contain the breach. Among other retailers facing similar challenges recently include Harrods and the Co-op, both of which reported customer details being extracted. However, Co-op also acknowledged breaches where staff usernames and passwords were compromised.

The UK’s National Cyber Security Centre, along with the National Crime Agency, has opened investigations as attacks on high-street retailers continue to mount. The latest surge in cybercrime has been attributed to the Scattered Spider hacking group, known to work alongside DragonForce, a pro-Palestinian group based in Malaysia.

Stuart Machin, M&S Chief Executive, reaffirmed to customers that additional precautions, such as mandatory password resets, have been introduced. He further encouraged users to adopt best practices for staying secure online. As incidents like these grow, the retail sector must continue bolstering its defences to counter increasingly sophisticated cyber threats.