+44 (0) 203 667 3744 | info@nadinedereza.comNadine Dereza on LinkedIn Nadine Dereza on X-Twitter Nadine Dereza on YouTube Nadine Dereza on Flickr Nadine Dereza on Instragram 

Nadine Dereza

+44 (0) 203 667 3744 | info@nadinedereza.com

Nadine Dereza on LinkedIn Nadine Dereza on X/Twitter Nadine Dereza on YouTube Nadine Dereza on Flickr Nadine Dereza on Instragram 

What can we learn about how M&S handled their cyber attack?

by | Apr 29, 2025 | Communication, Crisis Planning, Media Training, Tips and Ideas

All businesses are under threat – but there are steps you can take

Over Easter Monday, reports began to surface that M&S stores were experiencing issues with contactless payments, forcing customers at the checkouts to reach for chip and PIN or cash (remember that?). What might seem like a minor inconvenience in the bagging area has had big repercussions with over £700 million wiped off the retail giant’s stock market valuation.

The incident – which has all the hallmarks of a ransomware attack – is still unfolding but the scale is huge: online purchases have been paused since Friday, “pockets of limited availability” are being reported in stores across the country and there are reports of agency staff being asked not to come to work, while remote-working employees have been locked out of their IT systems. 

According to retail experts, the inability to process online orders alone could be costing Marks and Spencer a staggering £3.5 million per day. 

While M&S has vaguely referred to a “cyber incident” and the need to take some systems “temporarily offline” as part of their “proactive management,” they have declined to offer any timeframe for when normal services might resume, leaving customers and investors in the dark.

In an age of instant information and heightened awareness of cyber threats, the lack of transparency may prove to be a critical misstep. The continued silence is only fueling speculation and anxiety, especially for customers who are questioning whether their personal data has been compromised. 

This incident highlights two issues: getting the IT systems under control and back online and managing the reputational damage caused by the incident. 

Effective crisis media communication becomes essential to mitigate the damage, reassure stakeholders and demonstrate a commitment to resolving the issue. The fact that M&S hasn’t updated their holding statement in days points to a strategy of containment through silence, which is already beginning to backfire. 

At Babaco Media, we understand the critical importance of proactive crisis preparedness, particularly in the face of escalating cyber threats. While many businesses feel they are “too small for attackers to worry about”, the reality is that bad actors are using AI and automation tools to target vulnerabilities across businesses of all sizes. If you think your organisation will “fly under the radar”, you could be underestimating just how effective the cybercriminals’ radar is.  

For many companies, the first real test of their cyber security isn’t a technical audit but the moment the attack happens and the media spotlight turns their way. That’s why Babaco’s Crisis Media Communications Programme goes beyond simply reacting to events. We work with businesses to develop bespoke crisis communication plans, tailored to the specific risks they face. Our services include:

  • Developing proactive communication strategies: Preparing key messages, identifying stakeholders and establishing clear communication protocols before a crisis hits.
  • Conducting simulated crisis scenarios: Putting your team to the test in realistic, high-pressure environments to identify vulnerabilities and refine your response.
  • Media coaching for key spokespeople: Equipping your team with the skills and confidence to communicate effectively and empathetically during a crisis.

At Babaco Media, we’ve seen first hand the power of preparation: As Founder and Media Director at Babaco, the team and I have extensive experience in creating and delivering realistic crisis media training and “what if” scenarios. As part of simulated cyber attack training days for large organisations, we draw on our background as journalists and communication specialists to play the role of ambush interviewers (otherwise known as “door-steeping media interviews), putting crisis response teams through their paces and highlighting the critical importance of clear, consistent communication under pressure. This real-world experience informs the Babaco approach and ensures our clients are truly ready to face the unexpected.

The M&S cyber attack serves as a stark reminder that in today’s digital landscape, cyber security is not just an IT issue – it’s a business continuity and reputational risk that demands a comprehensive and proactive approach. Silence is not a strategy; transparency, preparedness and effective communication are the cornerstones of resilience in the face of a cyber crisis.

Is your business prepared for the inevitable? Don’t wait for a cyber attack to test your communication strategy. Contact Babaco Media today to learn how our crisis media offering can help you build resilience, protect your reputation and navigate the complexities of a digital crisis.