Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Home Cyber Attacks M&S Faces £300M Loss After Cyberattack Involving DragonForce and Scattered Spider
Cyber Attacks Cyber Breach DragonForce DragonForce Ransomware Group Hacker group Hacking Attack M&S Ransom Demand Ransomware attack Ransomwares Scattered Spider

M&S Faces £300M Loss After Cyberattack Involving DragonForce and Scattered Spider

M&S faces £300M profit after cyberattack involving DragonForce and Scattered Spider; online orders resume as investigations continue into hacker.
Tuesday, June 17, 2025

 

Marks & Spencer has resumed its online services after a serious cyberattack earlier this year that disrupted its operations and is expected to slash profits by £300 million. The British retail giant’s digital operations were hit hard, and recent developments suggest the breach may have been orchestrated by multiple hacker groups. 

A hacking group known as DragonForce is now linked to the incident. According to reports by the BBC, the group sent an email to M&S CEO Stuart Machin shortly after the attack, boasting about their success and demanding ransom. The message, written in aggressive and alarming language, implied the group had encrypted the retailer’s servers. DragonForce, which has rebranded itself as a “Ransomware Cartel,” operates by offering malware tools to affiliates in exchange for a percentage of ransom earnings. 

Originally emerging in 2023, the group has become increasingly active on major dark web forums in recent months. While some cybersecurity experts believe the group is based in Malaysia, others speculate ties to Russia. They have also been linked to a similar attack on the Co-op. Meanwhile, another group, Scattered Spider, had earlier been suspected of executing the attack. Known for its advanced social engineering techniques, the group is composed primarily of young hackers from the US and UK. They have previously impersonated IT personnel and used SIM swapping tactics to breach organizations. 

In 2023, they gained notoriety after cyberattacks on major US casino operators like Caesars Entertainment and MGM Resorts, resulting in multi-million-dollar ransoms. The M&S cyberattack, disclosed on April 22, disrupted online orders and even stopped contactless payments in physical stores. As a result, hundreds of agency workers were temporarily relieved from duty. The company confirmed that customer data—including names, email addresses, addresses, and birth dates—was compromised during the breach. The cause, according to Machin, was human error by a third-party service provider. 

In response to the growing threat, the UK’s National Cyber Security Centre (NCSC) issued industry-wide guidance. Law enforcement agencies, including the National Crime Agency (NCA), are actively investigating the case and considering whether the incidents involving these hacker groups are interconnected. The financial impact has been significant. M&S’s market value dropped by £650 million in the days following the attack. Despite these setbacks, the company has now reopened its standard delivery service in England, Scotland, and Wales, with additional services like click-and-collect and international orders expected to follow soon. 

In a recent statement, M&S emphasized its commitment to restoring customer trust and maintaining high service standards. The company said, “Our stores have remained operational, and we’re now focused on delivering the quality and service our customers expect as we recover from this disruption.”
Tags: Cyber Attacks Cyber Breach DragonForce DragonForce Ransomware Group Hacker group Hacking Attack M&S Ransom Demand Ransomware attack Ransomwares Scattered Spider
Share it:

Cyber Attacks

Cyber Breach

DragonForce

DragonForce Ransomware Group

Hacker group

Hacking Attack

M&S

Ransom Demand

Ransomware attack

Ransomwares

Scattered Spider