UK NCSC: Cyberattacks impacting UK retailers are a wake-up call

The United Kingdom's National Cyber Security Centre warned that ongoing cyberattacks impacting multiple UK retail chains should be taken as a "wake-up call."

Part of the GCHQ British intelligence agency, the NCSC provides support and guidance to private and public sector entities following major cybersecurity incidents to protect the UK's critical services.

In a statement issued this week, the NCSC also confirmed that it's working with affected organizations in the retail sector to assess the attacks' nature and impact.

"The disruption caused by the recent incidents impacting the retail sector are naturally a cause for concern to those businesses affected, their customers and the public," said NCSC CEO Dr Richard Horne.

"These incidents should act as a wake-up call to all organisations. I urge leaders to follow the advice on the NCSC website to ensure they have appropriate measures in place to help prevent attacks and respond and recover effectively."

Since the attacks surfaced, the UK House of Commons' Business and Trade Committee has also asked the CEOs of Marks & Spencer and Co-op to share whether relevant government agencies (including the National Crime Agency and the National Cyber Security Centre) provided support.

Cyberattacks targeting UK retailers

Harrods confirmed it was targeted in a cyberattack on May 1st, becoming the third major UK retailer to report cyberattacks over the last two weeks following incidents at the Co-operative Group (Co-op) supermarket chain and British retailer giant Marks & Spencer (M&S).

Harrods told BleepingComputer that threat actors recently attempted to hack into its network, which prompted the luxury department store to restrict internet access to sites. While Harrods didn't share whether its systems were breached, limiting access to some platforms hints at an active response to the attack.

On Wednesday, Co-op disclosed another cyber incident after what they described as attempts to hack into their systems. However, Co-op Chief Digital and Information Officer Rob Elsey said in an internal memo urging employees to be vigilant when using email and Microsoft Teams that VPN access has been disabled, indicating potential containment measures following a security breach.

Last week, Marks & Spencer was also hit by a cyberattack that caused disruptions across online ordering systems and impacted its contactless payments and Click & Collect services.

BleepingComputer later confirmed that the Marks & Spencer breach was a ransomware attack with threat actors using tactics associated with Scattered Spider, where they deployed the DragonForce ransomware on the company's network.

Other high-profile attacks linked to Scattered Spider include those on MGM Resorts, Caesars, MailChimp, Twilio, DoorDash, Coinbase, Riot Games, and Reddit.

Source

Hope you enjoyed this news post.

Thank you for appreciating my time and effort posting news every day for many years.

News posts... 2023: 5,800+ | 2024: 5,700+ | 2025 (till end of April): 1,811

RIP Matrix | Farewell my friend