M&S warns cyber attack disruption will last months and will wipe £300million off profits

has warned the which has paralysed its online sales for a month could wipe around £300million off its annual profits and last until July.

The huge hit - which is before factoring in what it may get back through insurance - does not include the blow to takings.

In its first update on timings, M&S says it expects online clothing and homewares sales to continue to be impacted throughout June and into July as it restarts its operations. By then, it could be three months since the incident first occurred.

READ MORE:

READ MORE:

While M&S has not given details of the hit to sales, experts have estimated it is losing around £40million worth of takings for every week its online operation is crippled.

Its online arm saw 'active' customer numbers jump to over 10 million last year, with sales of £1.35billion.

In an update, M&S said: "We expect online disruption to continue throughoutJune and into July as we restart, then ramp up operations. This will also mean increased stock management costs in the second quarter."

Boss Stuart Machin said: "Over the last few weeks, we have been managing a highly sophisticated and targeted cyber attack, which has led to a limited period of disruption. We have tackled this head on with incredible spirit, teamwork and deep sense of responsibility as we prioritised serving our customers.

"It has been challenging, but it is a moment in time, and we are now focused on recovery, with the aim of exiting thisperiod a much stronger business. There is no change to our strategy and our longer-term plans to reshape M&S for growth and, if anything, the incident allows us to accelerate the pace of change as we draw a line and move on."

He went on: "Over the last 140 years, M&S has overcome many challenges - testament to the longevity of this brand. This incident isa bump in the road, and we will come out of this in better shape, and continue our plan to reshape M&S for customers, colleagues and shareholders.

"I would like to thank all of our colleagues and supplier partners for their hard work and dedication and, importantly thank our customers. They have been unwavering in their support, and we are incredibly grateful for their patience and trust in M&S.”

It came as M&S revealed profits jumped 22.2% at £875.5million in the year to April - highest in over 15 years - but before the cyber attack emerged.

’s online clothing sales have been paralysed since April 25. A message on its website reads: “As part of our proactive management of a cyber incident, we have made the decision to pause taking orders via our M&S.com websites, and over the phone.”

Days earlier - on April 22 - the company revealed it had suspended contactless payments in store because of a “cyber incident”. They resumed soon after.

Online has become an increasingly important to M&S - as for other retailers - and had more than nine million “active” customers and almost £1.3billion of sales in its previous financial year.

The saga has also hammered M&S’s reputation - and share price - just as it was recovering after many years of failed overhauls. More than £1billion has been wiped off its stock market value since the attack was first revealed. Reports say M&S has been positively surprised by customers’ willingness to shop in-store instead of online, although it is also nervous patience will run out.

M&S is among a wave of companies struck by ransomware - a form of malicious software designed to burrow into companies’ systems, steal commercially sensitive information, which is then locked, with crooks demanding their victims pay money before handing them the key.

Neil Thacker, global privacy and data protection officer at cybersecurity company Netskope, said M&S was right to take its time. “They want to get it right, (so) that they recover to a better state than perhaps they were in previously,” he said.

. Graeme Stewart, head of public sector at security company Check Point, said attempted ‘ransomware’ attacks on UK retailers had surged in the past two months, with the sector going from the twelfth most targeted to fifth.

The top four, ominously, are all in the public sector, typically higher education, the , local government and the . Asked if it was inevitable that another retailer would fall prey to cyber attackers, Mr Stewart said: “Yes, because what happens with these sorts of things is that they come in waves.”

Police are investigating the attack on the M&S, as well as the and Harrords. The focus is a notorious group of hackers calling itself Scattered Spider, which is believed to include members - some in the UK - as young as 16.

“We are looking at the group that is publicly known as Scattered Spider, but we’ve got a range of different hypotheses and we’ll follow the evidence to get to the offenders,” Paul Foster, head of the NCA’s national cyber crime unit, said in a new documentary. In light of all the damage that we’re seeing, catching whoever is behind these attacks is our top priority,” he added.