Retailer to update stock market as investors eye impact of online disruption
LONDON, 17 May 2025 – Marks & Spencer is poised to deliver its full-year financial results on Wednesday, 21 May, with shareholders and analysts alike braced for long-awaited details on the fallout from a serious cyber attack that has crippled the retailer’s digital operations.
It has now been nearly a month since the high street stalwart fell victim to a major cyber incident, widely attributed to the hacking group Scattered Spider. Since then, all online orders have been suspended, click-and-collect services disrupted, and payment systems hindered – resulting in a ripple effect across the business and raising serious questions about the company’s cyber resilience.
While the upcoming results will cover the 2024/25 financial year – and thus fall before the cyber attack took hold – the market will be laser-focused on any guidance M&S offers for the year ahead, particularly in relation to the incident’s cost and ongoing disruption.
The company confirmed in a brief update on Thursday that while availability issues in stores have started to ease, some shelves have remained patchy due to necessary IT system overhauls. Meanwhile, fears over customer data security were confirmed, with personal information – including names, email addresses, and dates of birth – believed to have been accessed by hackers.
Although M&S has yet to reveal the financial toll, the disruption is widely expected to have cost tens of millions of pounds in lost sales. With online orders still paused three weeks on, some estimates suggest daily losses of around £4 million.
Susannah Streeter, head of money and markets at Hargreaves Lansdown, warned that investors should brace for cautious guidance. “Although the annual numbers won’t reflect the cyber incident, given the timing, we do expect some early indication of the impact on the current financial year,” she said. “Management will want to reassure shareholders, but expectations will likely be conservative, especially while the website remains offline.”
She added that fashion sales may have taken a particular hit, given the warm weather in recent weeks and the significance of the spring/summer season for clothing ranges. “This would usually be a key trading window for M&S’s apparel division. The timing couldn’t have been worse.”
Barclays analysts have projected that the cyber incident could ultimately cost the business up to £200 million over the course of the 2025/26 financial year. However, they note that the blow may be softened by a potential insurance payout in the region of £100 million – though this too may take time to materialise.
The attack has come as a significant setback for M&S, which had been enjoying a resurgence under the leadership of chief executive Stuart Machin. Just weeks before the breach, the company’s share price hit its highest level in nearly a decade, reflecting renewed investor confidence in its turnaround strategy and stronger trading performance across food and clothing.
More Read
That momentum has now been stalled. Shares have slipped in recent days as uncertainty looms over the full scale of the cyber attack’s financial implications.
The cyber breach is the latest in a growing trend of sophisticated attacks targeting major corporations, and is likely to prompt questions not only around M&S’s data protection protocols but also the robustness of its digital infrastructure.
As the retail sector increasingly leans on digital channels to drive growth, M&S’s ordeal could serve as a cautionary tale for others – and a stark reminder of the real-world costs associated with cybercrime.
All eyes will be on next week’s update, with investors hoping for reassurance, transparency, and a roadmap to recovery. Whether the retailer can maintain the momentum it had been building remains to be seen – but for now, restoring online services and customer confidence will be top of the agenda.
