M&S and Co-op: What we know weeks after cyber attacks
On Friday, 25 April, M&S halted online orders after it reported being a victim of a cyber attack.
Just under a week later, the Co-op revealed it was also the victim of an attempted hack and that several of its services had been impacted. Luxury retailer Harrods was also affected.
Now, more than two weeks on from the original hack, M&S still cannot process sales online, and Co-op has only just managed to get its shelves stocked.
They are also declining to offer any timeline on when things may return to normal.
Cabinet Office minister Pat McFadden said the wave of attacks on UK businesses should be a "wake-up" call for the industry.
What have we learned since the attack?
Although M&S and Co-op have not released much information about the attacks, it is becoming clear that it was not a small incident.
It has been estimated that each day their website is offline, M&S loses £3.5 million. Half a billion pounds has also been wiped off its share price.
Co-op also said the data of a significant number of their customers had been stolen, and they had issues with taking card payments.
ITV News learned that in the wake of the attack, loyalty cards, handheld scanners and apps used to report security incidents in M&S stores were all impacted.
Reports emerged claiming that a hacking group known as Scattered Spider was behind the attack.The group is notorious in the online criminal world for targeting large companies and breaching their data.
It is believed the attackers used a piece of ransomware called Dragonforce to cripple the system.
Cyber security expert Graham Cluley told ITV News: "Attacks involving the DragonForce ransomware usually start with exploitation of known vulnerabilities - often involving corporate systems that have not been kept up-to-date with the latest security patches, or because they have not been configured properly."
Tech specialist website BleepingComputer reported that hackers tricked Co-op and Marks & Spencer IT help desk workers into gaining access to the companies' systems.
It is believed they used a method known as sim-swapping to steal a person's phone number and other key pieces of data in order to effectively impersonate someone and give businesses access to their account.
Scattered Spider has used this tactic in the past.
It is believed that once they had enough access, they used M&S's Active Directory, a Microsoft product that connects internal networks and stores information.
Cyber security expert, Professor Alan Woodward, told ITV News: "Active Directory is a Microsoft product, which allows you to log in once and access all the systems.
"There's a suggestion that they managed to get in and get one of the files out of there, which contains passwords, etc.
"They probably wouldn't have been able to get the passwords out of the file, but if they could get in that far, then they could probably do something to mess up the network."
Industry expert Sam Kirkman from cybersecurity firm NetSPI said the hackers had likely gained access to M&S's core systems which means they can "cripple multiple areas of a business at once, maximising their impact and making it very difficult to recover without extensive rebuilding of key IT systems – which takes time.'
It is believed that one of the reasons both M&S and Co-op are taking so long to get their services back to normal is that they have not paid the ransom demanded by the hackers, which is the advice of the UK government.
What are the businesses saying?
Not much. When ITV News contacted M&S, it said it had no new update about when all of its services would return to normal.
The last update from M&S was 10 days ago when their CEO, Stuart Machin, said in a statement they were working "day and night" to restore their services.
This is despite the fact that it has been almost three weeks since they disabled online orders on their website.
If you try and order an item of clothing from M&S's website, it just says: "We have paused online orders. Products remain available to browse online and stores are open."
Co-op told ITV News all of their stores were receiving deliveries as of Monday morning.
But they did say: "Some of our stores might not have all their usual products available and we are sorry if this is the case for our members' and customers in their local store. We are working around the clock to reduce disruption and are pleased to have resumed delivery of stock to our shelves."
Local media and social posts online have shown both Co-op and M&S shelves empty with apology notices saying they had issues with stock delivery.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Finextra
2 minutes ago
- Finextra
United Fintech appoints Rupsa Mukherjee as head of M&A
United Fintech, an umbrella outfit dedicated to scooping up a stable of capital markets, wealth management and wholesale banking vendors, is preparing for a new wave of M&A activity with the appointment of Deutsche Bank's Rupsa Mukherjee as head of mergers and acquisitions. 0 Mukherjee brings 13 years of experience in corporate finance and investment banking across the UK, US, and India. She has held roles at Goldman Sachs and Caterpillar, and most recently served as vice president in Deutsche Bank's Investment Banking division in London and New York, advising on M&A transactions exceeding $20B. At United Fintech, her role will be to identify high-potential companies, lead acquisition strategy, and structure founder-friendly transactions. Christian Frahm, CEO, says: 'Rupsa brings the right combination of M&A discipline and fintech fluency. Her ability to originate, structure, and integrate strategic acquisitions will be instrumental in unlocking new opportunities across our ecosystem.' Firms so far acquried under the United Fintech roll up include Cobalt, FairXchange, TTMZero, Athena Systems, NetDania and, most recently, core banking vendor CBA. Says Mukherjee. 'The opportunity to help scale a platform that is reshaping the financial services technology landscape is incredibly exciting. I look forward to working with founders, investors, and banks to build lasting value through strategic growth.' Her appointment follows a series of key leadership hires in 2025, including the onboarding of chief operating officer, Deepak Nair and chief people officer, Anders Johansen.
Daily Record
33 minutes ago
- Daily Record
Stirling union members to honour sole Scots woman who died at Auschwitz with visit
The study tour will be an opportunity for members to learn about the atrocities of the Holocaust and to pay tribute to the only Scottish woman known to have died there. Trade union campaigners from Stirling are set to embark on an educational journey to the Auschwitz concentration camp next week to highlight the horrors of the Holocaust and pay tribute to the sole Scottish woman known to have perished at the site. UNISON's Stirling branch members will depart on Wednesday, August 27, where they will honour Jane Haining – a Scottish missionary working for the Church of Scotland who tragically lost her life at Auschwitz. She was detained there after putting her own safety at risk to assist Jewish schoolgirls, but was eventually captured by the Gestapo. She faced accusations of having "worked among the Jews"; had shed tears whilst placing yellow stars on the pupils clothing; had let go of her housekeeper, who was an Aryan; had tuned into BBC news broadcasts; had entertained numerous British guests; was involved in political activities; she made visits to British prisoners of war; and she posted packages to them. The Stirling branch representatives will unite with fellow UNISON members from throughout the country in undertaking the visit and showing their respect, which they claim will "educate members, activists and the wider community to ensure these events are never forgotten". The Stirling branch will be dispatching delegates Stuart Thomson and Aaron Higgins on the trip. Upon their return they will relay their experiences to their branch colleagues and the broader community. Stuart Thomson, Stirling Council trades steward at Allan Water House, said: "I'm incredibly grateful to have the opportunity to represent UNISON on this study tour to Auschwitz. "By learning about the atrocities that took place, and remembering those who died, we ensure these events are never forgotten and future generations are protected. Importantly, we will share our experiences with our branch members when we return." Mark Ferguson, Scottish Convenor of UNISON, added: "Observing first-hand the atrocities which took place instils a responsibility on us all to ensure future generations do not repeat these murderous acts. "We are very honoured to work with the family of Jane Haining to help us to commemorate her selfless bravery. We must never forget that the Holocaust was a state programme designed to destroy particular groups and we must remember all those affected."
Metro
an hour ago
- Metro
Kneecap's Mo Chara arrives at court after police issue warning to protestors
Kneecap's Liam Óg Ó hAnnaidh, known by his stage name Mo Chara, has arrived at court as hundreds of protestors turned up to show their support. The rapper, 27, is one of the founding members of the West Belfast hip hop group, which has found itself in the spotlight in recent months. In May, O' hAnnaidh was charged over an incident at a gig in the O2, where he's been accused of displaying a flag in support of the Lebanese Shia Islamist political party, Hezbollah, a proscribed organisation in the UK. The next month, he appeared in the Westminster Magistrate's Court for the first time, only speaking briefly to confirm his name before being released on bail. Today's appearance will see the legal hearing discussed. Before his hearing, the London Irish Brigade had organised a 'Fenian Fleadh', during which speakers and artists appeared to 'keep the craic going while we raise our voices in solidarity with Liam Óg' outside the court. Last night, the Metropolitan Police issued a warning to those planning to be in the vicinity of the court this morning. Sharing a map showing designated areas, it explained: 'We've imposed Public Order Act conditions to prevent serious disruption being caused by a protest outside Westminster Magistrates' Court tomorrow. 'Protest in support of Liam Óg Ó hAnnaidh and aligned causes must remain in the red area. Any stage must be erected in the green area.' Soon after the band re-shared the post, calling the move a 'distraction'. 'We massively appreciate the support of what we know are the majority of the public, who can see this farce for what it is,' they wrote. 'It is distraction from war crimes that the British state support. In our view this police action is designed to try and portray support for Kneecap as somehow troublesome. 'It is a calculated political decision the night before Mo Chara's court appearance. There is no basis for this, our last hearing was entirely peaceful and a loving show of solidarity with the most disruptive attendees the right-wing media. We know all of our supporters will be, but please go out of your way to be compliant with all instructions issued, irrespective of how pitiful. Free Palestine.' On the same night, the band were supported by their local community in West Belfast, with a mural unveiled showing support for O' hAnnaidh, Kneecap and Palestine. 'West Belfast knows political policing. West Belfast knows colonialism. West Belfast knows solidarity,' the band captioned their post sharing an image of the artwork. At the time of Ó hAnnaidh's arrest, the band issued a statement which said they would 'vehemently defend ourselves' and claimed they were being targeted with 'political policing'. 'Instead of defending innocent people, or the principles of international law they claim to uphold, the powerful in Britain have abetted slaughter and famine in Gaza, just as they did in Ireland for centuries. Then, like now, they claim justification. The IDF units they arm and fly spy plane missions for are the real terrorists, the whole world can see it,' it continued. 'We stand proudly with the people. You stand complicit with the war criminals. We are on the right side of history. You are not. We will fight you in court. We will win. Free Palestine.' After the band performed at Glastonbury Festival in June, they became the subjects of a police investigation into statements made during their set, however soon after the probe was dropped. Despite this they've continued to face backlash, including being banned from Hungary for three years, which was announced just weeks before they'd been due to play Sziget Festival in Budapest. More Trending Responding to the ban, the band said it was 'outrageous' and 'no legal basis for the action'. 'It's clear this is political distraction and a further attempt to silence those who call out genocide against the Palestinian people. View More » The band have repeatedly shut down claims they support Hamas and have denied accusations of anti-Semitism. Got a story? If you've got a celebrity story, video or pictures get in touch with the entertainment team by emailing us celebtips@ calling 020 3615 2145 or by visiting our Submit Stuff page – we'd love to hear from you. MORE: Man charged after Molotov cocktail thrown inside busy pub MORE: An Irishwoman's guide to Ireland's best beaches — no matter the weather MORE: Man charged after priest attacked with a bottle and second man killed
