Listen to this Post
On July 10, 2025, the National Crime Agency (NCA) arrested four individuals in connection with cyberattacks targeting some of the UK’s most prominent retailers, including M\&S, Co-op, and Harrods. These attacks, which took place earlier this year, caused significant disruption and financial damage to the affected companies. The arrested individuals, aged between 17 and 20, face a range of serious charges, including computer misuse, blackmail, money laundering, and participation in an organized crime group. With one of the suspects identified as Latvian, the NCA’s investigation has drawn international attention. The arrested suspects are currently under questioning by the NCA’s National Cyber Crime Unit.
the Incident
The series of cyberattacks on British retailers, starting in April 2025, has sent shockwaves through the business community. The targets, including Marks & Spencer (M\&S), Co-op, and Harrods, were hit by the DragonForce ransomware group, which wreaked havoc on the companies’ internal systems. These cybercriminals not only disrupted operations but also stole sensitive data, including personal details of thousands of customers. The DragonForce group, known for its ransomware activities and involvement in affiliate cybercrime networks, was quick to claim responsibility for the breaches.
The Cyber Monitoring Centre (CMC) has classified the attacks on M\&S and Co-op as a Category 2 systemic event due to their significant financial impact. Losses are estimated to range from £270 million to £440 million. In addition to direct losses from IT damage and business disruption, these attacks exposed vulnerabilities in the retail supply chain and information technology infrastructure.
The attack on M\&S resulted in substantial operational setbacks, including a drop in consumer spending and online sales losses reaching £1.3 million per day. Both M\&S and Co-op saw a notable reduction in sales and consumer confidence, with rural areas particularly impacted. The CMC has reported that these attacks were not only narrow in scope but deep, highlighting the severity of the breach and its ripple effect across multiple industries.
What Undercode Says: Analyzing the Attack’s Broader Implications
The impact of these cyberattacks is far-reaching. The scale of disruption to M\&S and Co-op reveals a disturbing trend in the sophistication of cybercrime groups. These aren’t isolated events; rather, they are part of a growing pattern of attacks targeting critical sectors such as retail, finance, and healthcare. The DragonForce group’s use of social engineering and stolen credentials is a reminder of how vulnerable even the most established businesses can be to cyber threats.
While the NCA’s swift arrests signal progress, the financial and reputational toll on affected retailers is undeniable. M\&S alone is anticipating a £300 million hit in 2025/26 due to the long-term effects of the attack. The attack on Co-op, which compromised customer data including names, addresses, emails, and phone numbers, has added an additional layer of concern about data privacy and consumer trust.
The
From a cybersecurity perspective, these attacks underscore the importance of robust defenses against ransomware and social engineering tactics. The financial losses reported by both M\&S and Co-op are a wake-up call to companies across industries to take cybersecurity more seriously and invest in preventing future breaches.
Fact Checker Results
✅ The NCA’s arrests have been confirmed as part of an ongoing investigation into the cyberattacks.
✅ The financial losses linked to the attacks are estimated between £270 million and £440 million.
❌ The full extent of the attacks on Harrods remains unclear, as too little data is available on that incident.
📊 Prediction
As cybercriminal groups like DragonForce continue to evolve, we can expect more high-profile retail breaches in the near future. Businesses must take proactive steps, including strengthening their internal security systems and training employees on how to avoid common phishing and social engineering tactics. In the coming years, the retail sector could see even stricter regulations and governmental oversight in response to the rising threat of cybercrime. The impact on consumer confidence could also lead to a shift in shopping behaviors, as people become more cautious about sharing their personal data online.
References:
Reported By: securityaffairs.com
Extra Source Hub:
https://www.instagram.com
Wikipedia
OpenAi & Undercode AI
Image Source:
Unsplash
Undercode AI DI v2
