Marks & Spencer has reopened its website for online orders, six weeks after a major cyberattack forced the retailer to suspend its digital operations.

In a message posted online, the company confirmed that standard delivery is now available to customers in England, Scotland, and Wales, with services to Northern Ireland, as well as click-and-collect, next-day, nominated-day, and international delivery options set to return in the coming weeks.

The cyberattack, which occurred in April over the Easter weekend, caused significant disruption. Online orders were halted, and some store shelves were left empty as the company switched to manual operations. Hackers also accessed customer data, including names, email addresses, postal addresses, and birth dates.

John Lyttle, M&S’s managing director of clothing, home and beauty, thanked customers for their patience and said that more fashion, home, and beauty items will be added to the website daily.

The retailer disclosed in May that the attack stemmed from human error and estimated the incident would cost around £300 million. Although physical stores remained open, contactless payments were initially affected.

Chief Executive Stuart Machin emphasized that the breach occurred through a third-party system and not due to a lack of investment in cybersecurity, calling the event “unlucky.”

Reports later revealed that the hackers, allegedly part of the DragonForce group, sent an abusive ransom email to Machin using a compromised employee account. The message included threats, a link to a darknet site for ransom negotiations, and a graphic of a fire-breathing dragon.

While M&S declined to comment on the specifics of the cyberattack, a second group, Scattered Spider—a network of young hackers based in the UK and US—has also been linked to the incident. Photo by GianniM, Wikimedia commons.