In recent months, reports of retail data breaches have surfaced with alarming frequency, showing that both luxury and high-street retailers are under relentless attack. During the second quarter of 2025, ransomware incidents publicly disclosed in the global retail sector rose by 58 percent compared with the first quarter, with businesses in the United Kingdom facing the worst consequences. The outcomes of such breaches vary, but the risks are consistently severe, ranging from loss of revenue and service disruptions to long-term reputational damage.
One recent example that highlights this growing threat is the cyberattack on Marks & Spencer (M&S), one of Britain’s most recognized retailers. Employing over 64,000 people across more than 1,000 stores, M&S reportedly fell victim to hackers believed to be part of the group Scattered Spider. The attackers infiltrated the company’s systems in February, deploying ransomware that encrypted vital infrastructure and severely disrupted operations. By impersonating employees, the cybercriminals manipulated IT help desk staff into resetting passwords and turning off multi-factor authentication. This gave them access to internal systems, where they stole a file containing password hashes from Active Directory. The fallout was severe, including a five-day suspension of online sales that cost an estimated £3.8 million per day, along with a drop of more than £500 million in market value.
The method used against M&S was not unique. Similar techniques were applied in attac
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: