M&S hackers believed to have gained access through third party

The hackers behind a cyber-attack on Marks & Spencer (M&S) managed to gain entry through a third party who had access to its systems, the BBC understands.

The cyber-attack, which happened in April, has caused millions of pounds of lost sales for M&S and left it struggling to get services back to normal, with online orders paused for more than three weeks.

The supermarket declined to comment on the nature of the breach or these new details, saying "availability is now in a much more normal place with stores well stocked this weekend".

DragonForce - the name the criminals are using - previously told the BBC it was behind the attack and was also responsible for hacking the Co-op and an attempted hack on Harrods.

M&S will announce its annual results on Wednesday, but the focus will all be on the devastating attack and its financial impact.

Bank of America analysts believe M&S has lost more than £40m of sales every week since the incident began over the Easter bank holiday weekend.

It announced on 25 April it had stopped taking online orders. Some stores were left with empty food shelves after the firm had to take some food-related systems offline.

On a precautionary basis, M&S decided to close down many of its IT operations following the attack, effectively locking itself out its core systems as it grappled to deal with the attack.

The biggest challenge is getting its online system fully operational again, which accounts for around a third of its clothing and homeware sales.

M&S told the BBC: "Our stores have remained open and availability is now in a much more normal place with stores well stocked this weekend."

The retailer said on 13 May that some personal customer data was stolen in the cyber attack, which could include names, date of birth, phone numbers, home addresses, email addresses, household information, and online order histories.

It added that any card information taken would not be useable as it does not hold full card payment details on its systems.

The Co-op, which the hackers previously told the BBC they had targeted, said on 30 April that it had shut down parts of its IT systems in response to the attack. The hack caused payment problems and widespread shortages of goods in shops, and customer and staff data was compromised.

It said on Wednesday that customers should see stocks return to more normal levels on Saturday and Sunday.