As it picks up the pace on renewing its store estate, the retailer is searching for large sites that could stock the full range of M&S Food, targeting areas where there isn’t currently an M&S store.

With 20 stores opening or renewing before the end of the financial year, creating 800 new jobs, the retailer said unlocking new sites will help deliver the plan to modernise and rotate the M&S store estate to a footprint of 180 full line stores and 420 Food stores.

All of the new stores would be in the new renewal format, with an extended range of M&S Food, wider aisle for bigger shopping trolleys and larger car parks for more family shoppers. Over the half of the stores across the estate, including convenience stores, are expected to be in the renewal format by April 2028.

Managing Director at M&S Food, Alex Freudmann said: “The strong performance of our new M&S Food stores gives us the confidence to explore even more locations across the UK.

“Our team want new sites where we could open a large M&S Food store as we deliver on our strategy to bring the right stores to the right places and offer the best shopping experience, range and availability for our customers.”

The post M&S begins search for 500 potential new sites for Food stores first appeared on Neighbourhood Retailer.

CEO of the retailer, Stuart Machin issued a statement saying they had written to customers to inform them that information had been taken and thanked them for their ongoing support.

The retailer revealed that personal data taken could include details including names, email addresses, telephone numbers, dates of birth, online order history, household information and ‘masked’ payment card details used for online purchases.

Additionally, anyone who has or previously had an M&S credit card or Sparks Pay, their customer reference numbers could also be included.

They added there is no indication that the information has been shared, and Machin said that no useable card or payment details or account passwords were taken, and customers do not need to take any action.

The retailer has endured a raft of difficulties since the cyber incident at Easter, with many services struggling to return to normal. Online orders are still suspended, customers are facing empty shelves in stores and appeals have been made for consumers to show their support for the High Street giant by visiting stores.

“To give customers extra peace of mind, they will be prompted to reset their password the next time they visit or long onto their M&S account and we have share information on how to stay safe online,” said the statement.

“Everyone at M&S is working around the clock to get things back to normal for our customers as quickly as possible, and we are very sorry for any inconvenience they have experienced. Our stores remain open as they have throughout.”

M&S has not revealed how many customers have been affected or have had their data stolen, but it said it has reported the case to the relevant authorities and is working with cyber security experts.

It is understood that the hackers, believed to be hacking group Scattered Spider, could still sell or share the data. Analysts have estimated that the incident and ongoing disruption to business could cost M&S millions of pounds each week.

The post M&S confirms personal customer information taken in cyber attack first appeared on Neighbourhood Retailer.

Following the cyber attack on Marks & Spencer over Easter weekend, Co-op fell foul of attackers in the days afterwards and continues to experience significant disruption.

With Click & Collect services and online orders suspended, gaps soon started appearing in-store on shelves within some M&S stores while it was reported that it could take weeks before operations begin to return to normal.

The attack on the Co-op saw the security of its 20 million members’ personal data compromised, after ransomware group, Dragonforce reportedly told the BBC it had a sample of 10,000 customers’ data including their membership card numbers, names, home addresses, emails and phone numbers.

As of 5^th May, the Co-op said it was continuing to experience “sustained malicious attempts by hackers” to access their systems, adding it was a “complex and ongoing situation” they are investigating in conjunction with the National Cyber Security Centre (NCSC) and the National Crime Agency (NCA).

In the wake of the incidents, the NCSC issued essential guidance for retailers and businesses, stressing the importance of resilience and best practice to minimise the chances of falling victim to these attacks.

“Criminal activity online – including, but not limited to, ransomware and data extortion – is rampant,” said the NCSC. “Attacks like this are becoming more and more common, and all organisations, of all sizes, need to be prepared.”

Encouraging organisations to ensure two-step verification is deployed comprehensively, the NCSC also advises paying specific attention to Domain Admin, Enterprise Admin, Cloud Admin accounts, and checking if access is legitimate.

In a statement, the CEO of the Co-operative Group, Shirine Khoury-Haq thanked its member-owners for the continued support and sought to alleviate their concerns.

“The criminals that are perpetuating these attacks are highly sophisticated and our colleagues are working tirelessly to do three things,” she said.

“One to protect and defend our Co-op; two to fully understand the extent of the impact caused by the attack; and three to provide much-needed information to the authorities that may help them with their investigations.”

Acknowledging that the cyber criminals were able to access a “limited amount of member data”, Shirine Khoury-Haq added it was “obviously extremely distressing for our colleagues and members” and said she was “very sorry this happened”.

“We recognise the importance of data protection and take our obligations to you and our regulators seriously, particularly as a member-owned organisation.

“I appreciate you will want to know more, and I hope you will understand in order to protect our Co-op, we are limited as to the detail we can communicate at this time. I thank you for your patience and I will be back in touch as soon as possible.”

Meanwhile, customers have been reporting that some stores were informing customers they were “cash only” as card machines were offline, while others took to social media to highlight empty shelves in their local stores.

Co-op replied to some of these comments online apologising for stock issues and thanked customers for their support.

“Your store may be experiencing some product availability issues, please bear with us while we work hard on fixing some technical problems we are experiencing,” they said.

“We are continuing to serve our members and customers to the best of our ability and we are sorry if this means you might not be able to buy some of your usual products from us,” they added.

In a statement, NCSC CEO Dr Richard Horne said the disruption caused by the recent incidents impacting the retail sector were “naturally a cause for concern” to those businesses as well as consumers and the general public.

“The NCSC continues to work closely with organisations that have reported incidents to us to fully understand the nature of these attacks and to provide expert advice to the wider sector based on the threat picture,” said Dr Horne.

“These incidents should act as a wake-up call to all organisations. I urge leaders to follow the advice on the NCSC website to ensure they have appropriate measures in place to help prevent attacks and respond and recover effectively.”

The post Cyber attacks should act as “wake-up call” to businesses first appeared on Neighbourhood Retailer.

Many customers have complained about the lack of communication from the company, which revealed it had been targeted in the incident over Easter.

While the actual nature of the cyber attack has yet to be disclosed or when it expects its operations to return to normal, M&S has issued an apology to customers for the inconvenience caused.

Having paused shopping and ordering on its websites and app, the retailer stopped processing contactless payments and moved some of its processes offline in order to protect colleagues, partners, suppliers and its business. It reminded customers that their stores remain open.

In a statement issued on its website, M&S said it was working “extremely hard” to restart its online and app shopping, adding they were “incredibly grateful to customers, colleagues and partners for their understanding and support”.

As the impact of the cyber attack continues to be felt, the BBC has reported that some M&S stores have been left with empty shelves, adding it understands it could take until early May before operations begin to return to normal.

And while issues with contactless pay, Click & Collect and gift cards have since been resolved, customers are still unable to place any orders online.

It remains unclear just how many shops are now left with empty shelves, it is understood to be across its food stores network, with the retailer confirming “pockets of limited availability in some stores”.

The post Fall-out continues amid M&S cyber attack as claims some shop shelves are empty first appeared on Neighbourhood Retailer.

The store opened its doors on Wednesday 20^th November.

The new M&S Food is operated by SSP Group, a leading operator of food and beverage outlets in travel locations. M&S has a longstanding partnership with SSP Group in the UK, offering busy commuters, travellers and tourists the quality, value and convenience M&S is renowned for.

This milestone opening introduces M&S Food to one of Belfast’s most anticipated new infrastructure developments, positioning the brand at the heart of the city’s transport network.

Shoppers at the new store can enjoy a range of M&S favourites, including a freshly stocked in-store bakery offering a selection of warm, freshly baked pastries. The popular ‘Food to Go’ range features an assortment of salads and sandwiches, with locally sourced options from Newry-based supplier, Around Noon.

The store also offers convenient meal choices such as Collection Wood Fired pizzas and ready-meals, complemented by M&S’s well-loved range of treats, including the iconic Percy Pigs.

Eddie Murphy, M&S Country Director in Ireland & Northern Ireland said: “We’re thrilled to partner with SSP Group once again and open the first M&S Food store in a major Northern Ireland travel hub.

“Grand Central Station is a key part of Belfast’s infrastructure and unlocking the city’s future potential, and we’re proud to bring our quality and freshness to customers on the go.

“Whether commuters are grabbing a quick bite or picking up dinner for tonight, the store offers a fantastic range, including sandwiches from our local supplier, Around Noon. This not only highlights our commitment to support local producers, but also ensures fresh, great quality options for our customers.”

The M&S partnership with SSP Group, which operates food and beverage outlets in travel locations, currently manages 54 M&S Food stores across the UK.

Kari Daniels, CEO of SSP UK & Irelan, added: “We have a long-standing relationship with M&S Food and are excited to open our first store together in Northern Ireland. I’m confident that the powerful combination of M&S’s premium food range and our travel retail expertise will make this store a convenient and welcome stop for passengers at Belfast Grand Central Station.”

Chris Conway, Translink’s Chief Executive said: “Belfast Grand Central provides a space where people can meet, connect and engage. Retail outlets such as M&S will make this station more than just a place to travel through – it will become a destination in itself, contributing to a sense of community and well-being.”

The post M&S Food opens first store in NI travel hub at Belfast Grand Central Station first appeared on Neighbourhood Retailer.