fbpx

Lessons from the M&S chaos

12th May, 2025

Marks & Spencer, the UK’s much-loved High-Street giant, found itself in the eye of a perfect storm. A sophisticated ransomware attack forced M&S to pause online orders, disrupt Click & Collect, pull job adverts, and even leave some of its store shelves conspicuously empty. With over £500 million wiped off its market value and daily web sales of around £3.8 million halted overnight, it is a stark reminder that if this can happen to Marks & Spencer, it can happen to anyone.

Before you tuck your head under your desk in panic, let us unpack what the M&S breach really means for small businesses, and how you can turn this crisis into your own cybersecurity wake-up call.

  1. No business is too small for cyber threats

Ransomware does not discriminate. Once a hacker group uses malware to extort big names, they will happily target less fortified small businesses next. In fact, small and medium-sized enterprises often make more tempting targets precisely because their defences tend to be weaker. Do not wait until you see “paused online orders” on your own site before taking action.

Conduct a basic cybersecurity audit today. Even a simple checklist, up-to-date antivirus, strong unique passwords and two-factor authentication on all critical accounts can dramatically lower your risk.

  1. Customer trust can vanish overnight

M&S may enjoy decades of brand affection, but its silence after the initial breach is already causing reputational scrapes. As consumer expert Kate Hardcastle points out, keeping quiet can be unsettling for customers at a time when trust and transparency are most valuable.

For small businesses, where personal relationships and word of mouth drive sales, news of a data breach or even a prolonged technical issue can cost you more than immediate revenue; it can eat away the goodwill you have spent years building.

Prepare a communication plan. Draft holding statements, designate a spokesperson, and decide on the channels you will use to keep customers informed calmly and candidly.

  1. Recovery costs go beyond ransoms

While the hackers behind the M&S attack will demand a high price, the real cost balloons once lost sales, PR management, legal fees and system restoration are taken into account. For a small business, that level of hit can be catastrophic.

The lesson from M&S is not that hackers only target the big fish but that no fish, big or small, is immune. By taking proactive and practical steps now, you can build a fortress around your business’s reputation, revenue and relationships. After all, in the digital age, preparedness is your strongest defence.

Invest in cyber insurance tailored to your business. We can help you look for coverage that includes not only cyber extortion payments but also business interruption losses and costs for PR management.

Contact us today to discuss how we can help you to be as prepared as possible for any cyber threat at 0115 973 7303 or go to https://routenchaplin.co.uk/products/cyber

Business Insurance

Regardless of the size or sector of your business, we take a personal approach to finding you the most appropriate insurance cover, drawing on our network partnerships to ensure we achieve the most competitive premium.

Personal Insurance

A genuinely personal service for those looking to protect their personal assets. 1000's of customers choose Routen Chaplin to insure their possessions, which is testament to the high level of service and value that we continually deliver.

Key People

Get to know the Routen Chaplin insurance team

Steve Beeley Managing Director
Hannah Matchett Commercial Account Handler
Lorraine Hallett Commercial Account Handler
Steve Martin Private Clients
Gemma Bee Chief Operating Officer

"I believe in long-term relationships and in the last 15 years of working with Routen Chaplin, we have always received an exceptional customer service."

Nigel Rowson, Dairy Communications Ltd

"Some of our insurance requirements have been a little complex and Routen Chaplin have always managed to secure us with favorable terms."

Javid Rafiq, Sigma Commercial Solutions Ltd

"I have found it a seamless, uncomplicated process whenever we have had to increase or alter our insurance packages."

Darren Johnson, Supreme Protective Coating Ltd

"I am very satisfied with my level of service, everything is always well explained, quick & efficient."

Paul Rigby, Riggers Mobile Auto Repair

“I first used Routen Chaplin for my vintage car and now they cover all my vehicles, they are easy to talk to, they make my insurance cover a hassle-free, one stop shop.”

Andy Lloyd

"Most importantly to me is that I was able to actually speak to the person who was sourcing the best cover for me."

Geoff Lees

"I’d recommend their professional approach and services to anyone – a great asset to the local business community."

Paul Bismanis, W G Newman Garage Ltd

"Routen Chaplin saved us £4,000 on our Combined Insurance. Their service has always been prompt and information accurate.”

Stephen Inglesant, The Leicester Wholesale Fruit Market

News

Lessons from the M&S chaos
Christmas Opening Times 2024
Routen Chaplin Welcomes Sarah
We're Hiring: Personal Lines Handler
Cyber Risks Insurance

Is your business exposed
to Cyber Risks?

Why not use Routen Chaplin's online assessment tool and find out about your potential exposure. It's free to use and will take only a matter of minutes to complete.

Private Medical Insurance - Business

Running an SME calls for a focused, fit and healthy workforce you can rely on, with everyone playing their role and not taking unnecessary time off work.

Private Medical Insurance - Personal

PMI gives you access to eligible health treatment when you need it, from seeing a specialist for diagnosis to having a secure private hospital stay.