The recent cyberattack on retail giant Marks & Spencer should serve as a deafening alarm bell to businesses of all sizes. If a company with M&S’s resources and infrastructure can be compromised, what does that mean for the average small or medium-sized enterprise? Here are the lessons businesses can draw from the M&S breach, and the crucial steps they can take to defend themselves in an era where cyber threats are more dangerous and costly than ever.
What Happened to M&S?
In early 2025, Marks & Spencer was hit by a devastating cyberattack, reportedly orchestrated by the ransomware gang Scattered Spider. The breach caused major system outages, disrupted online orders, and is projected to cost the retailer nearly £300 million in lost profits and reputational damage. The attack targeted third-party suppliers and infiltrated M&S systems through exploited security gaps—an all-too-common weak link in modern supply chains.
What Can Businesses Learn from the M&S Hack?
- Supply Chain Security Is Non-Negotiable: Many breaches happen indirectly through third-party vendors. Businesses must vet and monitor suppliers’ cybersecurity policies and require compliance with strict security standards.
- No Business Is Too Big—or Too Small: Thinking your company is “too small to target” is a myth. Hackers frequently target SMEs because they tend to have weaker defenses. If you store data or operate online, you’re a potential target.
How to Protect Your Business from Cyber Attacks
- Implement Multi-Factor Authentication (MFA): MFA adds an extra layer of protection, making it much harder for attackers to gain access to systems—even with stolen passwords.
- Regularly Update Software: Outdated systems are an open invitation for hackers. Ensure all software, plugins, and firmware are regularly updated and patched.
- Train Your Staff: Employees are often the weakest link. Offer regular cybersecurity training, teaching them how to spot phishing emails, avoid suspicious downloads, and follow security protocols.
- Backup Data Frequently: Always maintain secure, off-site backups of all critical data. If ransomware hits, you won’t have to pay to recover what’s already safe.
- Invest in Cyber Insurance: Consider a cyber liability insurance policy. It won’t prevent a breach, but it can help cover financial losses, legal costs, and damage control efforts.
- Monitor for Unusual Activity: Install intrusion detection systems and use network monitoring tools to catch suspicious behaviour before it escalates.
What Should Companies Do After a Cyberattack?
- Act fast: Isolate infected systems to prevent spread.
- Notify affected parties: This builds trust and allows them to protect themselves.
- Report to authorities: Cooperate with cybercrime units and industry watchdogs.
- Review and improve protocols: Every breach is a chance to learn.
The M&S Warning Shot
The M&S hack is a stark reminder that cybersecurity is not optional—it’s foundational. Every company, from local coffee shops to national chains, must view cybersecurity as a core business priority. Because in today’s world, it’s not a question of if you’ll be targeted, but when—and how ready you’ll be when the moment comes.
Why should I read this?
If you think your business can’t be a target for cyberattacks, think again! The M&S breach shows that even the big shots can fall victim. This article breaks down vital lessons learned and practical steps you can take to protect your business. Don’t just sit back; read this to understand how you can bolster your defence and keep your data safe!