By James Davey and Sarah Young

LONDON (Reuters) -A month after a costly cyberattack on one of Britain's best known retailers, Marks & Spencer has yet to restore online shopping as it prioritises safety over speed, while retailers worldwide race to boost their defences.

The attack on the 141-year-old M&S, has likely already cost it over 60 million pounds ($80 million) in lost profit, according to analysts. It has also wiped over 1 billion pounds from M&S' stock market value.

Hackers have also hit the Co-op and Harrods in Britain, and Google said last week those responsible were targeting U.S. companies.

So far, M&S has been positively surprised by customers' willingness to shop in-store instead of online, one person with knowledge of M&S's response to the attack told Reuters, although it is also nervous patience will run out.

The person said systems were being brought back online every day, but that the company was prioritising safety over speed.

The person, who asked not to be named because of the sensitivity of the issue, did not know when online clothing ordering would resume.

M&S has said very little about the cyber incident that it disclosed on April 22.

Three days later it stopped taking clothing and home orders through its website and app, and it said last week some personal customer information was stolen in the hack.

Cyber analysts and retail executives said the company had been the victim of a ransomware attack, had refused to pay - following government advice - and was working to reinstall all of its computer systems.

An M&S spokesperson declined to comment on the cyberattack, saying the company has been advised not to.

As systems were taken offline, some clothing, home and food products became unavailable in stores.

By Thursday, M&S' stock forecasting system for food was operating again, restoring normal flows from distribution centres to stores. It said availability was "looking better every day".

Neil Thacker, global privacy and data protection officer at cybersecurity company Netskope, said M&S was right to take its time. "They want to get it right, (so) that they recover to a better state than perhaps they were in previously," he said.

SCATTERED SPIDER AND DRAGONFORCE

A hacking collective known as Scattered Spider that deploys ransomware from a group calling itself DragonForce, has been blamed in the media for the attack.

One source told Reuters that at least two Tata Consulting Services employees’ M&S logins were used as part of the breach.

TCS, which provides IT services to the retailer and manages its help desk, declined to comment.