M&S issues contactless payment warning after cyber attack

Marks and Spencer has issued an update after its stores were earlier this week. In a new post on social media, the has warned that it still is not processing contactless payments in stores.

also said there is disruption to its click and collect service. It comes after customers took to social media over the weekend to complain that they were unable to pay using contactless methods or collect online orders. M&S said it is currently working with cyber security experts to investigate the issue.

One shopper said: "Went to @marksandspencer did a full food shop only to be told that I can’t use contactless, had to walk away from a whole food shop." Another said: "Just went to pay for a full basket of shopping only to be told that your contactless payments aren’t working."

In a new social media post, M&S said: "We promised to keep you informed about the cyber incident that has led to disruption to some of our services. You can continue to shop in our stores, on our website and through our app but there may be some changes which may inconvenience you over the coming days.

"In particular, we are currently not processing contactless payments and there is disruption to the collection of Click and Collect orders in our stores. Serving our customers, and protecting our business is our priority, and we are working incredibly hard to restore our services.

"We are really sorry for any inconvenience and we’ll continue to keep you updated. Thank you for shopping with us and for your continued support. We appreciate your patience and understanding."

In an email to customers earlier this week, M&S chief executive Stuart Machin said: “I’m writing to let you know that over the last few days M&S has been managing a cyber incident. To protect you and the business, it was necessary to temporarily make some small changes to our store operations, and I am sincerely sorry if you experienced any inconvenience.

“Importantly, our stores remain open, and our website and App are operating as normal. There is no need for you take any action at this time and if the situation changes, we will let you know. There may be some limited delays to your Click & Collect order, which we are working hard to resolve.”

Jake Moore, global cybersecurity adviser at internet security firm Eset, said: “This highlights the significant impact cyber attacks can have in the public domain.

“Many ransomware attacks are dealt with behind the scenes which can make people think the problems are eroding but when customers are directly affected, the knock-on effects are far more widely noted.

“Luckily, it seems no customer data has been taken in the attack but this situation widens the reality that card-only payments may not yet be the answer in a time when cyber attacks are just as prevalent as they’ve ever been.”

READ MORE: