Two of Britain’s most iconic retailers — Marks & Spencer and Harrods — have been swept into the growing wave of cyberattacks battering global businesses. While Harrods has kept its operations running, M&S is still reeling: online orders are suspended, recruitment is frozen, and store shelves are patchy. Experts believe the culprits are a youthful but increasingly feared hacking group known as Scattered Spider, also tracked as Octo Tempest (Sky News, 2025).
The disruption began on April 21, when M&S customers reported problems with payments and online services. The retailer confirmed a “cyber incident” within days and began pulling systems offline. By April 25, job listings were gone, online orders frozen, and gift card systems disabled. At some locations, food shortages and empty shelves soon followed.
M&S responded quickly — initially. But after April 25, communication stalled. Customers cannot place orders or use gift cards, and the retailer has offered no recovery timeline.
Harrods has said it is “working closely with cybersecurity experts and law enforcement,” but has released few details beyond that.

Meanwhile, Harrods disclosed on May 1 that it too had suffered a cyberattack (BBC, 2025). Though it claimed customer-facing operations were unaffected, the luxury department store has remained tight-lipped on the breach’s scope or whether sensitive data was compromised.
Unlike most ransomware gangs based in Russia or China, Scattered Spider operates from within Western countries, including the UK and US. Its members are reportedly young, English-speaking, and highly skilled in social engineering tactics like phishing, SIM swapping, and MFA fatigue attacks.
The malware used is a ransomware strain called DragonForce, which locks critical files and demands cryptocurrency payment for their release. For M&S, the cyberattack has been devastating: the company has shed £700 million ($930m) in market value, equivalent to a 6.5% drop in share price. With online shopping accounting for a third of M&S’s clothing and home sales, the shutdown costs the retailer over £3.8 million ($5m) per day in lost digital revenue. Harrods, being privately held, hasn’t disclosed losses.
Yet, M&S and Harrods aren’t alone. The Co-op Group recently suffered an attempted breach, while Synnovis, an NHS partner, saw 11,000 medical appointments delayed last year due to ransomware from a Russian group (Reuters, 2025).
Both the Metropolitan Police and the UK’s National Cyber Security Centre (NCSC) are investigating the breaches. Retailers nationwide have been urged to review their cyber defenses. Consumers are advised to monitor bank activity and update their passwords.
What started as a technical issue is now a strategic crisis. These attacks show just how fragile digital infrastructure has become and how high the stakes are when hackers strike not just data centers, but the daily lives of millions.