Skip to main content

Retail’s cyber security reckoning

22nd May 2025

The National Cyber Security Centre described the recent attacks as a “wake-up call” for the retail sector – could it be a wake-up call for you?

Cyber-attacks can happen to anyone, from small businesses with limited resources to big corporations – nobody is 100% safe, no matter the protective measures implemented.

Take the recent trend of retailers being targeted by cyber criminals: Harrods, Co-op and Marks & Spencer all experienced issues – what happened in each case, how was the impact on each business limited and what could they do in future to improve cyber security?

M&S was the first under attack, being hit by ransomware that has been linked to a criminal group named Scattered Spider. They gained access by spamming M&S employees with phishing emails and reset login prompts – using social engineering, they gained access to their systems and could deliver the malware.

Ransomware works by preventing access to a system or files, locking the user out until a ransom is paid and access is granted again (and that is presuming the hacker stays to their word). This resulted in disrupted payment systems, suspension of online orders and issues with websites: it threw M&S and their customers into chaos.

Co-op had their systems hacked, with customer and employee data being impacted. As a precaution, Co-op shut down a lot of their IT systems while the issue was resolved: these issues didn’t affect customers as much as the M&S outage, but data leaks often lead to a lack of trust, which can be more devastating for businesses in the long run.

Harrods is the most recent attack, meaning that we don’t have all the details yet: there was a third-party cyber-attack, and Harrods restricted internet access at their sites to mitigate it, but beyond this it seems everything ran as usual. However, if customer information was accessed is yet to be seen.

So, how could all of this have been avoided? Employee training is a must, as hackers target staff for their access to customer data. The more they know, the more likely it is that they can spot a hacking attempt before it escalates. Security audits can help to identify weaknesses, including out of date software and lack of an incident response plan.

Are you concerned that your business isn’t protected? Talk to Interfuture Security: we would be happy to offer advice.

Back to top