ITV News: M&S and Co-op: What We Know Weeks After Cyber Attacks

ITV News reported on the enduring effects of a sophisticated cyber attack that hit major UK retailers Marks & Spencer and Co-op, with services still disrupted and sensitive customer data confirmed compromised. Read the preview below or view it online.

+++

The scale of disruption is staggering.

Regarding “M&S and Co-op: What we know weeks after cyber attacks” (ITV News, May 13): The cyber attacks that struck M&S, Co-op, and other British retailers are among the most impactful in recent memory. With M&S’s online services still offline and both companies declining to give recovery timelines, the operational and reputational damage continues to mount.

M&S chief executive Stuart Machin confirmed that personal data had been accessed, though not passwords or payment information, and customers would be required to reset their credentials. Meanwhile, Co-op also reported customer data theft and widespread payment issues.

The attacks, attributed to the notorious hacking group Scattered Spider, are believed to have involved ransomware known as DragonForce and may have begun with sim-swapping tactics to impersonate internal staff. Once inside, the attackers reportedly targeted Active Directory, the backbone of internal system access, enabling them to paralyse multiple functions across the businesses.

Cybersecurity expert Sam Kirkman, Director of Services for EMEA, at NetSPI says that by striking core systems, the attackers “can cripple multiple areas of a business at once,” making recovery a complex, lengthy process requiring extensive rebuilding. With £3.5 million lost daily and a half-billion pound drop in share value, the incident underscores modern cyber threats’ devastating financial and operational consequences.

You can read the full article here.