Marks & Spencer’s chair has said the hackers behind April’s cyber attack were “trying to destroy” the business.
The retailer halted online orders and customers were faced with empty shelves in some shops following the attack, which M&S has said will continue to affect customers until the end of this month.
Archie Norman told MPs the company believed hacker group DragonForce was responsible.
He said the group’s motives were “not entirely clear but [were] partly, undoubtedly, ransom or extortion”.
“It’s very rare to have a criminal actor from another – or in this country, we’re never quite sure – seeking to stop customers shopping at M&S, essentially trying to destroy your business for purposes which are not entirely clear but are partly, undoubtedly, ransom or extortion,” he added.
Speaking to MPs on the Business Select Committee, Mr Norman described the experience as “traumatic” and said “for a week probably, the cyber team had no sleep – three hours a night”.
He added that though customers will see the business running as normal by the end of July, “background systems – that hopefully customers don’t see – we will still be working on [in] October or November.”
M&S has predicted the attack will hit this year’s profits by around £300m, though Mr Norman said the firm hoped to recover some of this cost from insurance payouts.
