Cyber attacks are on the rise, and two of the UK’s most familiar high street names, Marks & Spencer and the Co-op Group, have just been caught in the crossfire. These incidents serve as a stark reminder that no organisation, regardless of size or reputation, is immune to today’s evolving cyber threats.
What happened?
Over the past fortnight, both retailers experienced serious cyber incidents, each with different levels of impact.
Marks & Spencer: major disruption from suspected ransomware
M&S was hit hardest. The retailer was forced to take multiple systems offline after experiencing what experts believe was a ransomware attack.
Although the company has not confirmed the exact nature of the breach, the symptoms speak volumes:
- Orders through the M&S website and app were paused for over a week
- Contactless payments and click-and-collect services were disrupted
- Stock availability in some stores was affected
- Millions were wiped from the company’s market value
The attack is believed to be the work of Scattered Spider, a cybercrime group known for aggressive tactics and targeting large enterprises. They reportedly used a strain of ransomware called DragonForce to encrypt systems, which likely forced M&S to shut down key operations to prevent further spread.
This group is particularly dangerous because they combine traditional hacking techniques with social engineering, manipulating IT help desks, using phishing, and even multi-factor authentication (MFA) bombing to break into systems.
The Metropolitan Police Cyber Crime Unit, along with the National Cyber Security Centre and National Crime Agency, are now investigating the incident.
Co-op Group: attempted breach with limited disruption
Around the same time, the Co-op Group reported attempts to gain unauthorised access to its systems. While the incident had less operational impact than the M&S attack, it still forced the retailer to temporarily close parts of its back-office and call centre operations.
A spokesperson for Co-op confirmed:
“We have recently experienced attempts to gain unauthorised access to some of our systems. We have taken proactive steps to keep our systems safe.”
All Co-op food stores, online services, and funeral homes continued trading as normal, showing a swift and controlled response to the threat.
Why this matters for every business
These incidents might involve household names, but the risk is just as real for mid-sized organisations. Cyber criminals often target businesses with fewer resources to defend themselves, making them easier entry points.
Both M&S and Co-op are backed by security teams and response plans. Yet, M&S still suffered significant disruption, reputational damage, and potential financial loss — the kind of outcome that could prove critical for a smaller business.
Ask yourself:
- Could you detect a threat like this before it spreads?
- Would you know how to respond if your systems were suddenly encrypted?
- How confident are you in your ability to recover quickly and securely?
Let’s help you stay secure
At Neuways, we work with businesses to strengthen their security posture and put preventative measures in place. If you’re not sure where your vulnerabilities lie or want peace of mind that you’re covered, we’re here to help. Get in touch for a friendly chat about protecting your business.