As Marks & Spencer grapples with the fallout of a significant cyber attack, others who’ve been through similar ordeals are offering insight into what it’s like to be targeted by hackers—and how
they responded.
A school federation’s ordeal
REvil demanded $4 million in cryptocurrency, threatening to double the ransom to $8 million if it wasn’t paid within 10 days. The breach disrupted payroll, billing, teaching resources, medical records, and even fire and communication systems.
Rather than pay the ransom, the school enlisted cyber security experts and a negotiator, who posed as a confused administrator to stall the hackers while the IT systems were rebuilt. It took three months and £750,000 to recover—30,000 devices had to be cleaned.
Personal and business impacts
The damage from cyber attacks isn’t limited to big organizations. Wedding dress designer Catherine Deane described the emotional toll of having her company’s Instagram hacked:
“It felt like the rug had been pulled from under us. We put years of work into that platform.”
She described dealing with Meta, Instagram’s parent company, as “almost traumatising.”
In the healthcare sector, a ransomware attack on pathology provider Synnovis last year severely disrupted blood transfusion services at several major London hospitals. Staff were forced to process samples manually, which required significant additional manpower.
M&S employees describe the fallout
While M&S has issued minimal public information, individuals claiming to be staff have taken to Reddit to describe the situation. They report widespread system failures, manual workarounds with paper and pen, and staff working overtime.
Some noted issues with supply chain disruptions—both shortages and oversupplies leading to waste. One described the atmosphere as “like going back in time.”
Industry on high alert
Other retailers are watching closely. The Co-op recently shut down parts of its IT system due to a separate cyber threat. One retailer told the BBC they were “patching like mad” to update their systems and prevent similar breaches.
According to a UK government survey, 74% of large businesses experienced cyber attacks in the past year. For M&S, this may be just the beginning of a difficult recovery. Photo by mailer_diablo, Wikimedia commons.