Britain’s M&S Restores Click and Collect Services 15 Weeks After Systems Hacked

British retailer Marks & Spencer (M&S) has finally resumed taking click and collect orders for clothing, ending a nearly four-month hiatus following a devastating cyber hack and data theft that impacted its earnings during the period. The 141-year-old M&S had stopped taking online orders for clothing and home deliveries and collection from stores on April 25, three days after disclosing it was managing a “cyber incident.”

Although M&S gradually resumed taking online orders for delivery from June 10, click and collect services remained suspended. However, the retailer announced on its website on Monday that “Click & Collect is back,” bringing relief to customers who had been missing out on this convenient service.

The Road to Recovery

M&S' managing director for fashion, home and beauty, John Lyttle, confirmed in an Instagram post that the retailer's full online delivery offers were restored across fashion, homeware and beauty products, including the returns of online orders to any M&S store. This move is expected to boost sales and customer satisfaction.

The Impact on Shares

Shares in M&S were up 2%, paring 2025 losses to 10%. Investec analyst Kate Calvert said the reinstatement of click and collect “is the key ‘back to normal’ signal from a consumer perspective.” She does not expect the hack to impact M&S' long-term valuation or growth prospects.

The Cost of the Hack

In May, M&S forecast that the hacking of its systems would cost it about 300 million pounds ($404 million) in lost operating profit in its 2025/26 financial year. However, the retailer hopes to halve this impact through insurance and cost controls.

The Fallout from the Hack

Rivals, such as Next in clothing and Sainsbury's in food, have been beneficiaries of M&S' struggles due to reduced clothing and food availability in stores as a result of taking other systems offline. The CEO, Stuart Machin, had previously told investors that the group would be over the worst of the fallout from the incident by August.

The Investigation

Chairman Archie Norman last month told lawmakers that M&S believed the ransomware attack was carried out by the hacker group DragonForce. Additionally, UK police arrested four people as part of their investigation into the hack and other attacks on the Co-op and Harrods.

A New Chapter for M&S

The reinstatement of click and collect services marks a significant milestone in M&S' recovery from the cyber hack. As the retailer moves forward, it will be important to monitor its progress and ensure that customer data remains secure.