<\/p>\n
Following a damaging cyberattack attributed to social engineering tactics, Marks & Spencer is re-evaluating its leadership and fast-tracking its digital recovery efforts amidst significant financial and operational upheaval.<\/p>\n<\/div>\n
Marks & Spencer (M&S) is navigating a period of significant upheaval following a debilitating cyberattack that has had profound financial and operational consequences for the British retailer. Rachel Higham, the company\u2019s Chief Digital and Technology Officer, has departed just months after the attack, which forced the shutdown of M&S\u2019s online operations and left physical stores struggling with empty shelves. According to an internal memo, Higham, who joined M&S in 2014 from roles at WPP and BT Group, is “stepping back from her role” after a turbulent period for the business. The company commended her as “a steady hand and calm head at an extraordinary time,” though she is understood to be taking a career break. Sacha Berendji, a seasoned executive within M&S, has been appointed to head the digital and technology division alongside his current duties.<\/p>\n
The cyberattack, attributed to a hacker group known as Scattered Spider, exploited human vulnerabilities rather than technical flaws in M&S\u2019s defences. Investigations revealed that the attackers breached the retailer\u2019s systems via social engineering tactics targeting a third-party contractor, bypassing M&S\u2019s own digital safeguards. This sophisticated intrusion occurred over the Easter weekend in April and subsequently led to a near four-month suspension of parts of M&S\u2019s digital operations, including the popular ‘click and collect’ service. The National Crime Agency is investigating the group reportedly responsible. Despite the severe impact, M&S has refrained from commenting on any ransom demands, citing law enforcement guidance.<\/p>\n
Financially, the breach has been catastrophic. Industry estimates project a \u00a3300 million hit to M&S\u2019s operating profit for the current financial year, coupled with a market capitalisation loss approaching \u00a3750 million. CEO Stuart Machin has emphasised that the setback, largely due to human error linked to the third-party contractor, has overshadowed an otherwise strong year for the company, which reported a 22% rise in adjusted pre-tax profits to \u00a3875.5 million and 6.1% sales growth to nearly \u00a314 billion. M&S is employing various strategies to mitigate the losses, including cost management and insurance claims, with hopes of recovering around half the estimated impact.<\/p>\n
Amidst this turmoil, leadership stability has been a topic of internal discussion. The company is reportedly considering extending the tenure of Chairman Archie Norman beyond the typical UK-recommended nine-year limit, given his pivotal role in steering M&S through a turnaround and now through this crisis. The final decision rests with the board and shareholders.<\/p>\n
Adding complexity to the situation is the involvement of Tata Consultancy Services (TCS), M&S\u2019s primary technology partner since 2018. TCS is conducting an internal probe to determine whether its systems served as the entry point for the attack. M&S CEO Machin has declined to specify whether ransom payments were made or to confirm TCS\u2019s direct involvement, while both parties maintain silence on these details. This incident has also cast a shadow over TCS\u2019s reputation, highlighting the growing cybersecurity risks faced by global IT service providers.<\/p>\n
Despite the setbacks, M&S asserts its commitment to accelerating its technology transformation, compressing initially planned digital overhaul timelines from two years into six months, in an effort to fortify its systems against future threats. The company\u2019s leadership changes and strategic focus underscore the critical importance of digital resilience in the retail sector as cyber threats become increasingly sophisticated.<\/p>\n