What's happened
Marks & Spencer (M&S) and Co-op are facing significant operational disruptions following cyberattacks attributed to the hacking group Scattered Spider. The incidents, which began in late April, have led to halted online orders and compromised customer data, including names and addresses. Recovery efforts are ongoing as both retailers work to restore services.
What's behind the headline?
Impact of Cyberattacks on Retailers
- Operational Disruption: Both M&S and Co-op have faced significant operational challenges, with M&S reporting a potential £300 million hit to profits due to reduced sales and increased waste.
- Customer Data Security: The breaches have raised alarms about customer data security, as personal information was accessed, although payment details were not compromised. This could lead to increased phishing attempts targeting affected customers.
- Long-term Consequences: The incidents highlight the vulnerability of retailers to cyber threats, particularly from groups like Scattered Spider, which have shown a pattern of targeting specific sectors. The ongoing recovery efforts may reshape how these companies approach cybersecurity in the future.
- Market Response: Analysts suggest that the financial impact of these attacks could be mitigated through insurance claims, but the reputational damage may linger, affecting customer trust and future sales.
What the papers say
According to the New York Times, M&S's chief executive, Stuart Machin, stated, "This has been a challenging time," emphasizing the focus on recovery. Meanwhile, The Guardian reported that the National Crime Agency is investigating Scattered Spider, which has been linked to multiple attacks on UK retailers. The Independent noted that Co-op is in a recovery phase, working closely with suppliers to restock stores after the cyber incident. These contrasting perspectives illustrate the broader implications of the attacks on the retail sector and the urgency for improved cybersecurity measures.
How we got here
The cyberattacks on M&S and Co-op emerged around Easter 2025, causing severe disruptions to their operations. M&S had to pause online orders, while Co-op struggled with stock availability. Both retailers reported that customer personal data was accessed, raising concerns about data security and operational integrity.
Go deeper
- What measures are being taken to improve cybersecurity?
- How are customers being informed about the data breach?
- What are the long-term implications for these retailers?
Common question
-
What Happened in the Marks & Spencer Data Breach?
Marks & Spencer has recently faced a significant data breach that has raised concerns among its customers. With personal information compromised, many are left wondering how this affects them and what steps they should take next. Below, we address common questions regarding the breach and its implications.
-
What Happened in the M&S Cyber Attack and How Can Customers Protect Themselves?
The recent cyber attack on Marks & Spencer (M&S) has raised significant concerns about data security in retail. With personal customer information compromised, many are left wondering how to safeguard their data and what this means for the future of cybersecurity in the retail sector. Below, we address common questions regarding the M&S data breach and offer insights into protecting yourself.
-
What Happened During the M&S Cyber Attack?
The recent cyber attack on Marks & Spencer (M&S) has raised significant concerns about data security and operational disruptions in the retail sector. As the company grapples with the fallout, many are left wondering about the details of the attack and its implications for both M&S and its customers. Below, we address some of the most pressing questions surrounding this incident.
-
What Happened During the M&S Cyber Attack?
Marks & Spencer (M&S) is facing significant challenges following a cyber attack that has disrupted its operations and compromised customer data. This incident raises important questions about cybersecurity in retail and the steps companies can take to protect themselves. Below, we explore the details of the attack, its implications, and how M&S is responding.
More on these topics
-
The United Kingdom of Great Britain and Northern Ireland, commonly known as the United Kingdom or Britain, is a sovereign country located off the northwestern coast of the European mainland.
-
Harrods is a department store located on Brompton Road in Knightsbridge, London, England. It is owned by the state of Qatar via its sovereign wealth fund, the Qatar Investment Authority.
-
Google LLC is an American multinational technology company that specializes in Internet-related services and products, which include online advertising technologies, a search engine, cloud computing, software, and hardware.
-
Barclays plc is a British multinational investment bank and financial services company, headquartered in London, England. Apart from investment banking, Barclays is organised into four core businesses: personal banking, corporate banking, wealth managemen
-
Hargreaves Lansdown plc is a financial service company based in Bristol, England. It sells funds and shares and related products to retail investors in the United Kingdom.
-
Scattered Spider, also referred to as UNC3944, is a hacking group mostly made up of teens and young adults believed to live in the United States and the United Kingdom.
-
National Cyber Security Centre, National Cyber Security Center, or National Cybersecurity Center may refer to:
-
The United States of America, commonly known as the United States or America, is a country mostly located in central North America, between Canada and Mexico.
-
The National Crime Agency is a national law enforcement agency in the United Kingdom. It is the UK's lead agency against organised crime; human, weapon and drug trafficking; cyber crime; and economic crime that goes across regional and international borde
-
Christian Dior SE (French: [kʁistjɑ̃ djɔʁ]), commonly known as Dior, is a French multinational luxury goods company that is controlled and chaired by French businessman Bernard Arnault, who also heads LVMH. As of December 2023, Dior controlled around