The fallout from a significant cyber attack continues to plague Marks & Spencer (M&S), forcing one of its largest food suppliers to revert to pen-and-paper ordering systems and prompting the retailer to temporarily halt all recruitment.
Greencore, a major supplier responsible for M&S’s popular sandwiches, rolls, and wraps, has dramatically altered its operations to cope with the disruption caused by the attack, which struck over the Easter weekend.
Dalton Philips, Greencore’s chief executive and former head of supermarket chain Morrisons, described the situation candidly: “In the absence of having all the systems speaking to each other, you revert to how it was 25 years ago.” This means relying on manual “pen and paper” methods for order processing.
To ensure M&S stores remained stocked, particularly over the recent bank holiday weekend, Greencore has significantly increased production and deliveries.
The supplier added extra shifts at its dedicated M&S facility in Northampton, deployed more lorries, and sent quantities of food exceeding even Christmas levels.
“They’re a massive customer for us and we’re trying to flood them with products to help them,” Philips stated, adding that the lack of standard forecasting systems necessitated sending “everything they need and some more.”
The cyber attack’s impact extends far beyond supplier logistics.
M&S has been unable to process online orders for clothing and homewares for over a week. Food deliveries have also been hit, leading to reports of empty shelves in some locations.
Internally, the disruption is causing significant concern among staff. Employees have reported being unable to clock in or out electronically or access essential staff apps. Two workers expressed worries to the BBC about receiving correct pay, despite M&S assurances that all contracted hours will be paid as usual through a separate system.
One M&S worker in Wales called the situation “a nightmare,” citing inconsistent instructions that changed frequently.
Former M&S employee Jeannette Pellen noted the difficulty in getting advice from management or HR due to the system outages.
Staff forums have also highlighted instances of customer abuse, with some employees describing it as the “toughest week” they’ve experienced.
In a sign of the incident’s severity, M&S has paused all recruitment activities. The company’s careers website currently displays a message stating, “Sorry you can’t search or apply for roles right now, we’re working hard to be back online as soon as possible.”
An M&S spokesperson confirmed the temporary halt, explaining, “While we proactively manage the cyber incident, we are temporarily pausing some of our normal processes… Job adverts will be up again in due course.”
M&S has not disclosed specifics about the nature of the cyber attack, only acknowledging that some systems were taken offline, causing “pockets of limited availability.”
The incident follows similar attacks, suspected to involve ransomware, hitting other major retailers like Co-op and Harrods.
The National Cyber Security Centre has consequently issued warnings urging retailers to enhance their vigilance.
Industry experts acknowledge the challenge M&S faces but express confidence in the retailer’s ability to adapt.
Ged Futter, a retail consultant and former Asda buyer, noted that retailers are adept at finding solutions, even resorting to fax machines if necessary. However, the longer the disruption continues, the greater the potential damage to M&S’s reputation and customer loyalty.
