Marks & Spencer has resumed its popular Sparks loyalty programme and introduced a limited-time staff discount as the retailer recovers from a major cyber-attack that disrupted operations earlier this year.
The Sparks scheme, along with all online orders, had been temporarily suspended after hackers infiltrated the company’s IT systems over the Easter bank holiday weekend in April.
Now, with systems gradually returning to normal, customers can once again enjoy the full suite of Sparks benefits—including personalised offers, birthday surprises and coffee rewards.
Over 1.8 million Sparks members are set to receive belated birthday treats throughout July.
These include complimentary gifts such as Percy Pig sweets, prosecco and biscuits—available to those with birthdays in May, June, and July, as M&S looks to catch up on missed celebrations.
In a show of appreciation for employees, M&S is also offering a boosted discount for 63,000 staff members and over 2,500 contractors.
The standard 20% staff discount will be increased to 30% across clothing, homeware and beauty for four days.
For the first time outside of Christmas, contractors—including cleaners, security personnel, and beauty advisors working with brands like Clinique and Estée Lauder—will receive a 10% discount.
Despite these goodwill gestures, the retailer has warned that the cyber-attack could dent profits by up to £300 million this financial year.
The breach forced M&S to suspend online sales for nearly seven weeks, during which customers’ data—including names, addresses, birth dates and purchase histories—was compromised.
Online clothing orders resumed last month, with homeware following soon after. However, M&S’s “click and collect” service remains unavailable, along with online orders for food-to-order items such as party platters and celebration cakes.
Full digital service is expected to return within the coming weeks.
The National Crime Agency (NCA) and UK police are currently investigating the attacks, which targeted M&S, Co-op and Harrods in quick succession.
Four individuals, including three teenagers, were arrested last week. Authorities are probing links to “Scattered Spider”, a loosely organised group of native English-speaking hackers believed to be behind the coordinated breaches.
