Marks and Spencer has issued a fresh warning to customers using contactless payments following a “cyber incident” that affected its operations earlier in the week. The retail giant took to social media to announce that any tap and go payments are still not being accepted in stores.
M&S also reported problems with its click and collect service. This update comes in the wake of customer complaints on social media over the weekend about being unable to use contactless payment options or pick up online orders.
The company is actively working with cyber security specialists to resolve the matter, the Mirror reports.
One disgruntled customer tweeted: “Went to @marksandspencer did a full food shop only to be told that I can’t use contactless, had to walk away from a whole food shop.”
Another shopper added: “Just went to pay for a full basket of shopping only to be told that your contactless payments aren’t working.”
In their latest social media statement, M&S reassured customers: “We promised to keep you informed about the cyber incident that has led to disruption to some of our services. You can continue to shop in our stores, on our website and through our app but there may be some changes which may inconvenience you over the coming days.”
They further explained: “In particular, we are currently not processing contactless payments and there is disruption to the collection of Click and Collect orders in our stores. Serving our customers, and protecting our business is our priority, and we are working incredibly hard to restore our services.”
In an email to customers earlier this week, M&S chief executive Stuart Machin said: “I’m writing to let you know that over the last few days M&S has been managing a cyber incident. To protect you and the business, it was necessary to temporarily make some small changes to our store operations, and I am sincerely sorry if you experienced any inconvenience.
“Importantly, our stores remain open, and our website and App are operating as normal. There is no need for you take any action at this time and if the situation changes, we will let you know. There may be some limited delays to your Click and Collect order, which we are working hard to resolve.”
Jake Moore, a global cybersecurity adviser at Eset, said: “This highlights the significant impact cyber attacks can have in the public domain.”
He added: “Many ransomware attacks are dealt with behind the scenes which can make people think the problems are eroding but when customers are directly affected, the knock-on effects are far more widely noted.
“Luckily, it seems no customer data has been taken in the attack but this situation widens the reality that card-only payments may not yet be the answer in a time when cyber attacks are just as prevalent as they’ve ever been.”