Four Arrested in £440M Cyber Attack on Marks & Spencer, Co-op, and Harrods
July 10, 2025 – Published on The Hacker News
The U.K. National Crime Agency (NCA) on Thursday announced that four people have been arrested in connection with cyber attacks targeting major retailers Marks & Spencer, Co-op, and Harrods.
The arrested individuals include two men aged 19, a third aged 17, and a 20-year-old woman. They were apprehended in the West Midlands and London on suspicion of Computer Misuse Act offenses, blackmail, money laundering, and participating in the activities of an organized crime group.
All four suspects were arrested from their homes and their electronic devices have been seized for further forensic analysis. Their names were not disclosed.
The NCA did not name the “organized crime group” the individuals are part of, but it’s believed that some of these attacks have been perpetrated by a decentralized cybercrime crew called Scattered Spider, which is notorious for its advanced social engineering ploys to breach organizations and deploy ransomware.
“While ransomware is an ever-present threat, Scattered Spider represents a persistent and capable adversary whose operations have been historically effective even against organizations with mature security programs,” Grayson North, Senior Security Consultant at GuidePoint Security, told The Hacker News.
“The success of Scattered Spider is not exactly the result of any new or novel tactics, but rather their expertise in social engineering and willingness to be extremely persistent in attempting to gain initial access to their targets.”
Read More HERE.