Marks & Spencer Group Plc is facing a £300 million ($403 million) hit to operating profit this fiscal year from a cyberattack last month it blamed on human error that is still disrupting sales and operations.

The British retailer will try to mitigate the impact with cost savings and insurance payouts, it said May 21. Online clothing and home orders, which account for more than £3 million of sales a day, will resume “in a matter of weeks,” M&S said, with the disruption expected to continue into July.

It is a major setback for a business that was delivering on chief executive officer Stuart Machin’s turnaround plan. M&S reported the highest pretax profit in 15 years for the year that ended before the cyberattack, as shoppers bought more groceries, and as the brand shook off its reputation for dowdy clothing designs.

M&S’s shares rose 2.6% in London, reversing an earlier decline and paring a 10% drop since the attack was announced on April 22. 

The company called the attack a “bump in the road,” but the hit to operating profit — which is roughly equivalent to a third of last year’s performance — is worse than analysts expected. Still, quantifying the cost suggests “management is confident a solution is in sight,” analysts at Deutsche Bank said in a note.

M&S is only just starting to flesh out details of the attack, which forced it to halt contactless payments, and created gaps on shelves, as it took some IT systems offline. Last week it said some personal customer data was stolen.

Hackers entered M&S’s systems via “human error” at a third party, Machin told reporters on a call. He declined to comment on media reports that the business partner was Tata Consultancy Services, saying only that M&S is “grateful to all third parties we work with.”

“We have to be vigilant and lucky every day — threat actors only have to be lucky once,” he said. “We didn’t leave the door open; this wasn’t anything to do with under-investment.”

A cybercrime gang known as “DragonForce” has taken credit for the M&S hack, as well as other attempts to infiltrate grocer Co-op Group and luxury department store Harrods Ltd. The group told Bloomberg it carried out the attacks with partners to extort money from victims, and plans to hit the UK’s retail sector again, saying the recent breaches were “just a start.”

Cybercrime is an increasingly prevalent problem in the UK and worldwide. On May 19, the U.K.’s Ministry of Justice said hackers stole a “significant amount of personal data” from people who received legal aid across England and Wales.

The Home Office estimates cybercrime costs the U.K. economy billions of pounds in losses annually. Last year a cohort of Russian-speaking hackers demanded a $50 million ransom from a U.K. lab-services provider to end a ransomware attack that paralyzed London hospitals for weeks.

The attack on Marks & Spencer caused havoc. Food sales have suffered due to reduced availability, although this is improving, while the switch to manual processes has incurred additional waste and logistics costs.

It has overshadowed an improvement in the company’s earnings. M&S reported £876 million in profit before tax and adjusting items for the year ending in March, beating analyst estimates. The retailer said it’s confident in prospects for medium-term growth, and is increasing its dividend by 20%.

Statutory profit before tax fell almost 24%, though, partly due to an impairment charge of £249 million relating to the value of the company’s investment in Ocado Retail, its joint venture with Ocado Group Plc for online groceries.