M&S site suffers security issue

Friday, October 30, 2015 - 09:40 by Graham Miller

Earlier this week the e-commerce site operated by Marks & Spencer had to be temporarily suspended as a result of a glitch, which allowed customers to view orders placed by other shoppers using the site, according to ITV News.

Although M&S said that while no private data had been put at risk as a result of the incident, there were a number of cases of customers being able to see partial portions of payment card information belonging to other users.

Facebook posts left by customers on the official M&S page, revealed that some people had been able to access info on user addresses and previous orders which were not their own. This suggests that the situation was perhaps more serious than the retailer was willing to admit at the time, although the site has since been restored, following a resolution for the issue apparently being uncovered.

M&S apologised to shoppers in a statement and confirmed that some downtime had been necessary to ensure that customers will now be able to carry out safe shopping online again unhindered.

It also pointed out that because the payment card information it stores for customers who want to place orders in the future is encrypted, this was never fully exposed. But the fact that other types of personal information do seem to have been available to third parties, could leave some shoppers dissatisfied.

E-commerce glitches are, thankfully, rare and for the most part, people in the UK are able to carry out safe shopping online with major retailers without a worry. But it is incidents like this that help to raise awareness about the importance of online security and the need for companies to regularly check their sites for errors, to avoid embarrassing issues arising and more unwelcome publicity.