CyberSecurity news
@cyble.com
Following a series of cyberattacks targeting major UK retailers including Marks & Spencer, Co-op, and Harrods, the National Cyber Security Centre (NCSC) has issued an urgent alert calling on organizations to bolster their defenses. The attacks, which involved ransomware and data theft, have caused significant operational disruptions and data breaches, highlighting the increasing risk faced by the retail sector. The NCSC anticipates that similar attacks are likely to escalate and emphasizes that preparation is key to ensuring business continuity and minimizing financial losses.
The NCSC advises businesses to take immediate and proactive measures to mitigate risks. A key recommendation is to isolate and contain threats quickly by severing internet connectivity immediately, which prevents malware from spreading further across networks. It is equally important to ensure that backup servers remain isolated and unaffected by the attack, so they can be used for disaster recovery. The security agency is also calling on firms to review their password reset policies, in particular how IT help desks authenticate workers who make a reset request, especially senior employees with escalated privileges.
To enhance cyber resilience, the NCSC stresses the importance of implementing multi-factor authentication (MFA) across the board. The agency also warns organizations to be constantly on the lookout for ‘risky logins’ within Microsoft Entra ID Protection, where sign-in attempts are flagged as potentially compromised due to suspicious activity or unusual behaviour. The Information Commissioner's Office (ICO) has similar advice, warning organizations to make sure that accounts are protected by a strong password and that passwords aren't being reused across multiple accounts. While attacks against UK retailers have rocked the industry in recent weeks, the NCSC's guidance aims to help businesses avoid falling victim to similar incidents.