九色

British retailer Marks & Spencer has resumed taking click and collect orders for clothing after a nearly four-month hiatus following a cyber hack and data theft.

The 141-year-old M&S stopped taking orders through its website and app for clothing and home deliveries and collection from stores on April 25, three days after disclosing it was managing a “cyber incident.”

It gradually resumed taking online orders for delivery from June 10 but click and collect services, which allow customers to order items online and pick up in stores, had remained suspended.

M&S’s website said on Monday that click and collect had resumed for fashion, home and beauty products. The company did not respond immediately to a request for comment.

Shares in M&S were up 1% in early trading on Monday, paring 2025 losses to 11%.

Investec analyst Kate Calvert said the reinstatement of click and collect “is the key ‘back to normal’ signal from a consumer perspective.”

She does not expect the hack to impact M&S’ long-term valuation or growth prospects.

In May, M&S forecast the hacking of its systems would cost it about 300 million pounds ($404 million) in lost operating profit in its 2025/26 financial year, though it hopes to halve the impact through insurance and cost control.

As part of its management of the hack and data theft, M&S took other systems offline. That reduced both clothing and food availability in stores, further denting sales.

Rivals, such as Next in clothing and Sainsbury’s in food, have been beneficiaries.

M&S CEO Stuart Machin told investors in early July the group would be over the worst of the fallout from the incident by August.

Chairman Archie Norman last month told lawmakers that M&S believed the ransomware attack was carried out by the hacker group DragonForce.

Also in July, UK police arrested four people as part of their investigation into the hack and other attacks on the Co-op and Harrods.

($1 = 0.7424 pounds)

(Reporting by James Davey; editing by Jamie Freed and Saad Sayeed)

Related:

• UK Plans to Ban Public Sector Bodies From Paying Ransom to Cyber Criminals
• M&S Says April Cyberattack Caused by Third-Party Impersonation
• UK Companies Should Have to Disclose Major Cyberattacks, M&S Says
• M&S Expects Cyberattack Impact to Be Over by August, CEO Says
• After 46-Day Cyberattack Pause, British Retailer M&S Resumes Online Orders
• Marks & Spencer Says Cyberattack to Cost 拢300 Million