M&S website leaks customer details

<p>A website glitch allowed customers to see each others’ details when they logged on.</p>

The Marks and Spencer website was suspended for two hours on Tuesday night after a fault on the website allowed customers to see each others' detailed when they logged into their own accounts.

Marks and Spencer said the glitch was the result of an internal error – not an external hack or other attack. The company also said that full credit card details were not exposed.

However, the firm also warned that personal data was shown – this included names, dates of birth, contact details and information about previous purchases made through the website.

One website user, Mark Hill, told the BBC that he had seen someone else's account information when he tried to register for a store loyalty card.

"It accepted my registration but then told me I had 9,000 sparks points, which I thought was a bit odd," he explained.

"So, I looked at the account details and despite saying 'Hi Mark', it was quite clearly an account belonging to a female in a different part of the country," he added.

Another customer said they were able to see partial credit card details for someone else's account – a screenshot with the details blurred out appeared on the BBC website.

Marks and Spencer apologised for the error. A spokesman said: "Due to a technical issue, we temporarily suspended our website yesterday evening."

He added: "This allowed us to thoroughly investigate and resolve the issue and quickly restore service for our customers."

Shares in Marks and Spencer dipped sharply in morning trading, but rose again throughout the day. At 15:50 BST, shares were down 0.28 per cent from the previous day's close at 510.58.

TalkTalk hack

The Marks and Spencer website glitch comes just days after broadband and telephone provider TalkTalk suffered a website hack, which put millions of customers' data at risk.

A 15-year-old boy in Northern Ireland has been arrested in relation to the hack and TalkTalk's share prices are down to 249.90, compared to 268.50 before news broke of the security breach.

Join our live webinars for the latest analysis and trading ideas. Register now

GAIN Capital UK Limited (trading as “City Index”) is an execution-only service provider. This material, whether or not it states any opinions, is for general information purposes only and it does not take into account your personal circumstances or objectives. This material has been prepared using the thoughts and opinions of the author and these may change. However, City Index does not plan to provide further updates to any material once published and it is not under any obligation to keep this material up to date. This material is short term in nature and may only relate to facts and circumstances existing at a specific time or day. Nothing in this material is (or should be considered to be) financial, investment, legal, tax or other advice and no reliance should be placed on it.

No opinion given in this material constitutes a recommendation by City Index or the author that any particular investment, security, transaction or investment strategy is suitable for any specific person. The material has not been prepared in accordance with legal requirements designed to promote the independence of investment research. Although City Index is not specifically prevented from dealing before providing this material, City Index does not seek to take advantage of the material prior to its dissemination. This material is not intended for distribution to, or use by, any person in any country or jurisdiction where such distribution or use would be contrary to local law or regulation.

For further details see our full non-independent research disclaimer and quarterly summary.