The incursion, which began with a sophisticated act of impersonation involving one of M&S’s external partners, was not detected until two days after the breach occurred on April 17. By then, substantial damage had been inflicted on the retailer’s IT systems, culminating in depleted store shelves, crippled online functions, and an operational headache estimated to cost the business up to £300 million in profit.
