Alongside the release of its annual results today, Marks & Spencer revealed that it expects to take a £300m hit to its profits this year from last month’s cyber attack, with disruption to its online operations lasting until July.
The company is hoping to mitigate around £150m of the hit through the management of costs, insurance and other trading actions.
Chief Executive Stuart Machin admitted that the incident had been challenging, but it was “a bump in the road” and there would be no change to the company’s transformation plans.
The cyber attack saw personal customer data stolen, and the company has been unable to accept online orders for more than three weeks. Product availability has also suffered, with empty shelves in some stores.
In an update today, the company said that online sales and trading profit for clothing and home goods in the first quarter had been hit by its decision to pause online shopping because of the attack. It expects its website to reopen “within weeks” but disruption is likely to continue throughout June and into July.
Whilst food sales have also been affected by reduced availability, it said that this situation was improving.
Machin stressed that it was now focused on recovery, with the aim of exiting the period “a much stronger business”. He added: “There is no change to our strategy and our longer-term plans to reshape M&S for growth and, if anything, the incident allows us to accelerate the pace of change as we draw a line and move on.”
Machin also dismissed fears of a hit to shoppers’ confidence in the business, saying M&S customers had been “unwavering in their support” and that the retailer had been “very transparent” about the problem and had passed on information swiftly
The cyber attack overshadowed strong annual results from the company. Over the year to 29th March, M&S’s profit before tax and adjusting items rose 22.2% to £875.5m on total sales up 6.1% to £13.9bn.
In its Food division, sales increased 8.7%, with like-for-like growth of 8.6% driven by UK volume gains of 6.7%. Adjusted operating profit margin rose from 4.7% to 5.4% due to volume growth and cost reduction initiatives offsetting cost inflation. M&S noted its strong performance in the grocery sector was driven by price cuts, upgrades on over 1,000 products, and the introduction of 1,400 new lines.
During the year, it opened six new Food stores and two Foodhalls in its Full Line stores. Nine new renewal stores and one extension also traded ahead of target. A further nine Food stores and two extensions are planned for its current financial year.
Meanwhile, sales in its Fashion, Home & Beauty division increased 3.5%, with like-for-likes up 4.4% as the retailer broadened its appeal with new clothing lines. Adjusted operating profit margin was above target at 11.2% compared with 10.7% last year, as investments in digital and technology were offset by improved sourcing and cost savings.
“Three years ago, we introduced our Reshaping M&S for Growth plan with the objective of protecting the magic of M&S and modernising the rest,” Machin said. “Executing that strategy has delivered a third consecutive year of growth in sales and market share, profit and improving return on capital.”
He said that in the first few weeks of the new financial year, before the cyber attack, M&S had continued with “sales growth ahead of budget across both businesses”. However, the company did not give a figure for how much sales had fallen since the incident.
NAM Implications:
- A potential hit that can be diluted by 50% via insurance, management of costs, and other trading actions.
- (Leaving the damage to customer confidence in personal data security…
- …with a return to repeat online sales the only measure of success)
- But business is about recovering from crisis…
- …and M&S has to take this opportunity as a major retailer to demonstrate how to recover from cybercrime.
- Key for suppliers and rivals to lend support.
- (if only as preparation for their own needs to manage the inevitability of having to cope with similar cybercrises going forward)
- Truly a lesson for all…
