M&S pegs cyberattack cleanup costs at £136M as profits slump

Marks & Spencer says its April cyberattack will cost around £136 million ($177.2 million) in total. The British retailer disclosed the figure in its half-year results Wednesday, having recorded £101.6 million ($132.4 million) in charges for the six months ended September 27. It expects another £34 million ($44.3 million) in …

  1. tmTM

    Example to others

    You can't just hide behind a cyber insurance policy to justify pulling security investment and poor incident response planning.

    You will be left out of pocket and out of ideas.

    1. wolfetone Silver badge

      Re: Example to others

      The maximum claim was £100 million. And you'd imagine M&S wouldn't have the cheap insurance either.

      A proper wake up call really for those still asleep.

      1. Anonymous Coward

        Re: Example to others

        "And you'd imagine M&S wouldn't have the cheap insurance either."

        Could be pricier with zero NCD now. They'll have to start looking at the cheap insurers with crap policies on Comparethemarket, but at least they should get a meerkat cuddly toy with next year's policy.

  2. StewartWhite Silver badge
    Headmaster

    Are you sure?

    "The heavy hit to the bottom was largely attributed..."

    Shirley you mean "The heavy hit to the bottom line was largely attributed..." unless you're channelling your inner Jimmy Edwards in Whack-O! as per the icon?

  3. cookiecutter Silver badge

    zero sympathy

    they offshored & outsourced to TCS to save money while sticking the british flag all over its produce & products..... fuck em!!!

    from what i understand the initial access was a phone call to an indian call centre to change a password. then the encryption encrypted their vmware estate, which in a well structured environment should be impossible without alarms screaming everywhere.

    so fuck em! the insurance company should have told them to fuck off as this was about as self inflicted as it gets & NCSC should have told them to fuck off when they came begging for help.

    If vodafone or lloyds get hacked, i hold them in the same disdain! And if i hear the words "lack of cybersecurity skills in this country" I'm going to stab myself in the face in the reception of the Department of Business, there's 1000s of unemployed guys in infrastructure who can't get jobs because of this offshoring bullshit & the millions of visas handed out to the consultancies to destroy our Tech industry

    1. Like a badger Silver badge

      Re: zero sympathy

      "And if i hear the words "lack of cybersecurity skills in this country" I'm going to stab myself in the face in the reception of the Department of Business"

      Please don't do that, for two reasons:

      First, I work for the Department of Business and Trade (albeit not in the wildly overcrowded London HQ), but it'd be my colleagues slipping up in the pool of blood, and because a lot of people are working in corridors I might yet see you in the background of a Teams call doing your thing.

      Second, the people currently accountable are probably more likely the Department for Science, Innovation and Technology and they're 150 yards down the other end of Whitehall. Or even HMT who are the other direction along Whitehall and round the corner. You wouldn't want to waste your gesture in the wrong place would you?

      1. cookiecutter Silver badge

        Re: zero sympathy

        it was business and trade at tech london openly celebrating the fact that 1/2 the stands there were from other countries hawking "offshore your work to us" & business & trade bod whose face you could literally see rebooting when i mentioned to him that it was fucked that an event called "Tech London" seemed to be doing its best to move as many jobs OUT of london.

        when i told him that i genuinely could not advise any one doing A levels to do a STEM degree as any good jobs would be offshored by the time they graduate so they might as well become plumbers, he genuinely told me that STEM graduates should learn to network & "get out there "......all those things IT people are famous for being good at

      2. David 132 Silver badge

        Re: zero sympathy

        "and because a lot of people are working in corridors"

        Wait, what? Is this some bizarre gesture to show solidarity with the NHS?

    2. Anonymous Coward

      Re: zero sympathy

      " And if i hear the words "lack of cybersecurity skills in this country" I'm going to stab myself in the face"

      Recently advertised for 2 analyst roles, had 165 applicants so definitely a bigger pool than I've seen in previous years, definitely people wanting work out there

      1. Anonymous Coward

        Re: zero sympathy

        I've seen no adverts for face self-stabbers, so cookiecutter needs to make sure he majors on the ITSec skills in his application.

    3. VoiceOfTruth Silver badge

      Re: zero sympathy

      I don't quite agree with your swear words, but no problem at all with the sentiment.

      It is true we do have very knowledgeable techies in this country. But they don't count. They don't have a voice. They are not 'big business' with high level government access.

  4. Irongut Silver badge

    Despite all this somehow my local M&S Food kept the shelves fully stacked all year. Unlike the nearby Morrisons whose shelves are mostly empty at any time of day, any day of the week.

    1. Like a badger Silver badge

      A chunk of the Simply Food stores aren't run by M&S, they're franchised to the organisation formerly known as WHSmith, so maybe it's them you have to thank?

      But it's a fair point, that Morrisons (and Asda) were bought by private equity twats who thought it was easy to run a full range supermarket, and have found the hard way that it is incredibly hard.

    2. JT_3K

      The former is attributed to suppliers bending over backwards so hard to accommodate M&S new offline processes that their head actually ended up in front of their stomach. The article covers the main point which is in-store, all their processes (rotation, etc) failed so they've had tremendous losses. They've also ordered what they guessed, not what they'd really needed so they've over ordered in lots of places leading to more local loss.

      The Morrisons one is easy to explain, although it took me a long time to find out (I've been raging about our local store for years). Their store managers are bonussed almost exclusively on waste/loss. Because of this, they'd prefer not to order replenishment stock until such a point that they're certain they need it and for slower moving lines, that can be a real challenge. My example is that I need to go as they're the only ones that stock the jalapenos I like (or were for a while) and when I'd emptied the shelf, it stayed empty for over a week. I had a similar experience when I drank considerable amounts of Ramune for a while. Because of that idiotic directorial decision, the stores always feel somewhat post-apocalyptic with us fighting over the last box of bran flakes.

  5. elsergiovolador Silver badge

    Benefits

    So M&S de facto shat on local IT workforce by choosing foreign "experts" and now is reaping the benefits of the decision.

    Look at the corporate gaslighting:

    "M&S is part of the community where our customers and colleagues live and work. We drive action that makes a meaningful difference in the communities that we serve."

    1. Anonymous Coward

      Re: Benefits

      Maybe the location they're making a meaningful difference in is Mumbai?

  6. Sam not the Viking Silver badge

    Service, what service?

    Don't service providers have to provide the service they are being paid for? If cyber-security was subcontracted to TCS, can anyone explain why TCS aren't paying for their failure?

    Or will M&S's Insurers be seeking damages/reparations?

    1. tiggity Silver badge

      Re: Service, what service?

      the clue's in the TCS name - ta ta* to M&S profits

      * a bit of UK slang, basically means say goodbye to
