BleepingComputer reports that the recent cyberattack on UK retail group The Co-operative Group, or Co-op, is more serious than previously disclosed, with hackers successfully stealing data from current and former members, including names and contact details, though no financial or password information was taken.Such a breach was previously reported to be attributed to affiliates of the DragonForce ransomware group, which claims to have stolen data on 20 million individuals. The attackers exploited a social engineering tactic to reset an employee's password and gain access to internal systems, ultimately extracting Active Directory password hashes. The Co-op is now rebuilding its Windows domain controllers and bolstering defenses in collaboration with Microsoft DART and KPMG. The incident bears striking similarities to recent attacks on Marks & Spencer and Harrods, also linked to DragonForce affiliates. These attackers are believed to be part of the broader Scattered Spider cybercrime community, known for using aggressive extortion tactics and sophisticated entry methods like SIM swapping and MFA fatigue.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds




