A wave of high-impact cyberattacks targeting major UK retailers in 2025, including Marks & Spencer, the Co-op, and Harrods, has served as a critical wake-up call for the sector, reports Infosecurity Magazine.
These incidents, attributed to the Scattered Spider group using DragonForce ransomware, inflicted severe financial damage, with M&S estimating losses of £300 million and the Co-op £206 million.
Attackers used sophisticated social engineering and compromised third-party credentials to infiltrate networks, conducting prolonged reconnaissance before deploying ransomware.
Parliamentary hearings and industry summits highlighted a key differentiator in resilience: the Co-op's more advanced migration from legacy systems to cloud infrastructure significantly limited its disruption compared to M&S, which had to rebuild systems over months.
Industry experts, including River Island's CISO Sunil Patel, emphasized that the attacks were not opportunistic but meticulously targeted at a sector with a vast attack surface and constrained IT budgets.
The aftermath spurred other retailers like Holland & Barrett and AllSaints to enhance crisis communications, double down on digital transformation, and invest in specialized "people security" teams to bolster employee awareness and third-party risk management.
These incidents, attributed to the Scattered Spider group using DragonForce ransomware, inflicted severe financial damage, with M&S estimating losses of £300 million and the Co-op £206 million.
Attackers used sophisticated social engineering and compromised third-party credentials to infiltrate networks, conducting prolonged reconnaissance before deploying ransomware.
Parliamentary hearings and industry summits highlighted a key differentiator in resilience: the Co-op's more advanced migration from legacy systems to cloud infrastructure significantly limited its disruption compared to M&S, which had to rebuild systems over months.
Industry experts, including River Island's CISO Sunil Patel, emphasized that the attacks were not opportunistic but meticulously targeted at a sector with a vast attack surface and constrained IT budgets.
The aftermath spurred other retailers like Holland & Barrett and AllSaints to enhance crisis communications, double down on digital transformation, and invest in specialized "people security" teams to bolster employee awareness and third-party risk management.




