Marks & Spencer (M&S) suffered a major ransomware cyberattack in April 2025, attributed to a group called DragonForce, according to the retailer's chairman, Archie Norman. The attack involved a sophisticated impersonation of one of M&S's third-party users, leading to the suspension of the retailer's online shopping operations for nearly seven weeks. The incident resulted in estimated losses of £300 million. In response, M&S enlisted support from the FBI and UK agencies to combat the attack.

Norman told UK parliamentarians that hackers attempted to destroy the company and that M&S remains in a rebuilding phase. He also highlighted the UK's insufficient resources to handle cyberattacks and called for a legal requirement for British companies to disclose major cyber incidents, noting that some recent attacks on large UK firms went unreported. When questioned, Norman declined to confirm whether M&S paid a ransom to the attackers. The cyberattack has prompted discussions about the need for better preparedness and wargaming of cyber threats in both public and private sectors.
M&S confirms social engineering led to massive ransomware attack https://t.co/Tf6hw3hokq
M&S Chair Details Ransomware Attack, Declines to Confirm if Payment Was Made https://t.co/K4Y6Mxmz4z
How Crime-As-A-Service Turned Hacking Into A Subscription Business
Recent #cyberattacks on major UK #retailers like Marks and Spencer cost hundreds of millions, revealing how #criminals now bypass advanced #securitysystems by targeting employees instead of #technology. The rise