Back in May, we published a blog about Marks & Spencer’s cyber incident — the one that disrupted payments, delayed Click & Collect, and left online shoppers frustrated. At the time, we called it a wake‑up call: proof that even household names can be knocked sideways by a single breach.
You can revisit that first post here: Marks & Spencer Ireland cyber incident – a wake‑up call for business internet security
Fast forward six months, and the incident can be measured in “pounds, shillings, and pence”. M&S’s latest published financial results show just how devastating the impact of ransomware can be:
- “underlying pretax profits tumbled 55.4% to £184.1 million in the six months to 27 September”.
- Lost sales were £324 million.
- Direct costs: Immediate recovery, IT response, and legal support cost around £136m, with total impact expected to approach £300m for the year.
- Sales disruption: Online fashion and home sales dropped by more than 40% while orders were suspended for nearly two months.
- Operational downtime: Online systems were down from Easter into the summer; click‑and‑collect wasn’t fully restored until August.
Sources: The Irish Times – M&S takes £154m profit hit from cyber attack
The Independent – Cyberattack on Marks & Spencer slices profits by more than half
Tales from the frontline
Here’s what we’re seeing in real life:
- Existing Newtec clients: Our current clients haven’t faced the kind of disruption Marks & Spencer went through. Their systems are protected with
- 24/7 monitoring, endpoint detection,
- Threat hunting, advanced Cyber defence
- Zero‑trust access controls,
- Cyber training for end users ,
- Tested backups.
These layers mean ransomware attempts are stopped before they ever become headlines. For them, incidents are contained quietly and quickly, without business‑stopping consequences.
- Calls from new firms: At the same time, we’re getting calls from companies that weren’t prepared. Some reach out after the damage is already done: operations halted, reputations shaken, and costs spiraling as they scramble to recover. Others contact us in the middle of an attack, urgently looking for protection because they’ve just been hit. The contrast is stark: businesses that invested in prevention carry on without disruption, while those that delayed action are now paying the price in downtime, lost revenue, and shaken customer trust.
Why this matters for you
The first blog was the warning. This latest outcome is the proof. Cyber incidents don’t just cause inconvenience — they can erase profits, stall growth, and damage trust for months.
For any business, the lesson is clear: cybersecurity isn’t optional. It’s the foundation of continuity.
What you can do today
- Monitor 24/7 so threats are caught before they spread.
- Protect every device with endpoint detection and response.
- Lock down access with multi‑factor authentication and zero‑trust principles.
- Test your defenses through regular vulnerability scans and penetration tests.
- Train your team to spot phishing and social engineering attempts.
- Secure your backups with immutability and recovery drills.
The takeaway
The M&S case shows the full arc: from disruption in May to profit halving as reported in November. One breach can undo years of growth.
But here’s the bigger lesson: don’t wait until after you’ve been attacked to act. By then, the damage is already done. Prevention is always cheaper, faster, and less painful than recovery.
Ready to protect your business?
Don’t wait until your profits are reduced. Take action today.
Call us on 01 531 3777 Visit us at www.newtecservices.ie
- Book a 30‑minute cybersecurity consultation to benchmark your resilience.
- Or request a SOC (Security Operations Centre) + EDR demo to see how the correct coverage changes outcomes.
