Retail Panic: Scattered Spider Spins £440M Web of Cyber Chaos in the UK
The April 2025 cyber attacks on Marks & Spencer and Co-op have been dubbed a “single combined cyber event” by the Cyber Monitoring Centre. With social engineering tactics as the initial access vector, the financial fallout is estimated to reach up to £440 million. Meanwhile, Harrods remains in the clear, at least for now.
Hot Take:
Oh, Marks & Spencer and Co-op, you’ve officially been Scattered Spidered! These cyber bandits have spun a web of chaos, proving once again that social engineering is the gift that keeps on taking. As for Harrods, it’s like being excluded from an exclusive party—you know it’s not good, but you still wanna know what’s happening inside. While the CMC plays Sherlock Holmes, the rest of us are left wondering if our online shopping carts are safe from turning into real-life horror stories. The lesson? If your IT help desk thinks they’re part of a spy thriller, they probably are.
Key Points:
- The cyber attacks on Marks & Spencer and Co-op are considered a “single combined cyber event” due to shared TTPs and timing.
- Scattered Spider, an offshoot of The Com, is suspected to be behind these attacks.
- The financial impact is estimated between £270 million ($363 million) and £440 million ($592 million).
- Harrods was not included in the assessment due to insufficient information.
- Scattered Spider is now targeting U.S. insurance companies with social engineering tactics.