M&S seeks mandatory cyber-reporting after a £300 million ransomware attack halted online shopping for seven weeks.

Marks & Spencer (M&S) is calling for mandatory reporting of cyber-attacks after a major breach that cost the company around £300 million and halted online shopping for seven weeks. The attack, possibly carried out by the ransomware group DragonForce, compromised customer data and prompted a class-action lawsuit by over 1,000 Scottish customers. M&S is still in "rebuild mode," with some services like click and collect still offline, and plans to triple its cybersecurity team and double expenditure. The company also faces a lengthy insurance claim process.