M&S has only issued limited information in its official statements, and has not put anyone up for interview.
However, people claiming to work for the retailer have given a sense of the chaos on social media.
On Reddit, users who identified themselves as M&S workers, something the BBC has not verified, described the impact of the cyber attack.
One wrote that most internal systems had been affected and that there had been experiments with “resuming operations manually with paper and pen”.
Another poster said head office staff were working weekends, and that the problems were “like going back in time”.
While some reported shortfalls in goods coming in, others described oversupply of some items, which meant food went to waste.
What is clear is other companies are watching what’s happening closely, even more so since another retailer, the Co-op, shut down some of its IT systems this week in response to a separate cyber attack.
“We’re patching like mad,” is what one retailer told the BBC.
In other words, they are making sure every part of system has the most up-to-date software and protections.
Sir Charlie Mayfield, the former chairman of John Lewis, said other firms understood only too well how vulnerable they were.
“Online shopping has completely transformed retail – as technology becomes more pervasive, the risk of this kind of attack rises with it,” he told the BBC.
According to the cyber security breaches survey, conducted by the UK government, 74% of large businesses said they were targeted with cyber attacks last year.
It seems likely there will still be many difficult days ahead for M&S.
Additional reporting by Zoe Kleinman, Chris Vallance, Joe Tidy and Tom Gerken