Hundreds of agency workers at Marks & Spencer have been told not to come into work as the retailer continues to deal with the fallout of a cyber attack which has seen the company lose £650m of value in a matter of days.
The FTSE 100 business has a market capitalisation of more than £7.5bn – but this is down significantly since 22 April, when shares traded for above £4.10.
Since then, the share price has fallen more than eight per cent, having previously staged a recovery in early April from a poor first quarter of the year.
Staff have been instructed to stay at home rather than come into work at the retailer’s main clothing and homeware warehouse in the East Midlands, Sky News has reported.
Some 200 agency staff had been due to work at the Castle Donington logistics centre, the broadcaster reported, citing a source close to M&S.
Agency staff make up around 20 per cent of the site’s workforce, the source said, adding that M&S employees were told to come in as usual.
M&S have been contacted for a comment.
On Friday, the Marks & Spencer share price closed more than two per cent down and following the latest announcement on Monday, they are again trading more than two per cent in the red. That equates to knocking more than £150m off the company’s market value in a single morning.
Disruption at the well-known British brand began last weekend as contactless payments and click-and-collect orders were affected.
Last Tuesday, M&S chief executive Stuart Machin wrote to customers confirming the problem, adding that the retailer would be implementing “minor, temporary changes” to in-store operations as the company manages the ongoing “cyber incident.”
On Friday, M&S temporarily stopped taking orders from its website and apps amid the deepening fallout of the cyber attack.
The historic retailer said it is “working extremely hard to restart online and app shopping” and apologised again for disruption to shoppers. It has already been unable to process click and collect orders in stores after being impacted by a “cyber incident”.
The company has taken actions to protect its network and has also reported the incident to data protection supervisory authorities and the National Cyber Security Centre.
However, the loss of online sales will continue to hamper the business.
M&S’s 2024 annual report revealed that 44 per cent of all online orders came through their app, with online sales as a whole accounting for £1.27bn of revenue for the year ending in March 2024 – showing growth of 7.8 per cent to mark it out as an important strategic area for the company.
That equates to around £3.5m of sales per day – which are potentially being lost by M&S while customers cannot place orders through the app or website.
“Marks & Spencer’s success is built on trust. People trust it to supply good quality products and a good shopping experience. Therefore, suspending online orders gives shoppers a reason to call that trust into question,” explained Dan Coatsworth, investment analyst at AJ Bell.
“The fact customers still cannot order goods online for Marks & Spencer is worrying for both its reputation and its earnings. This isn’t a simple one-day blip and the longer it goes on, the greater the risk that the share price keeps falling.
He continued: “You only have to visit any of its stores to know that click and collect is a major contributor to earnings – there’s often a big queue of people waiting to pick up items they’ve ordered online.
“The retailer will be banking on such customers still making the journey to its stores but instead opting to pick items off the shelf. Not everyone will do this, so it’s inevitable that earnings will take a hit.
“The longer it takes to draw a line under the cyber incident, the greater the risk to Marks & Spencer’s reputation.”
A company statement said: “We are truly sorry for this inconvenience. Our stores are open to welcome customers.
“We informed customers on Tuesday that there was no need for them to take any action. That remains the case, and if the situation changes we will let them know.”
