Latest news with #Hultquist
Yahoo
20-05-2025
- Business
- Yahoo
‘Aggressive' hackers of UK retailers are now targeting US stores, says Google
Alphabet's Google warned on Wednesday that hackers responsible for paralyzing disruptions of UK retailers are turning their attention to similar companies in the United States. 'US retailers should take note. These actors are aggressive, creative, and particularly effective at circumventing mature security programs,' John Hultquist, an analyst at Google's cybersecurity arm, said in an email sent on Wednesday. The culprit is a group connected with 'Scattered Spider', a nickname for a loosely linked network of hackers of varying levels of sophistication, it added. Scattered Spider is widely reported to have been behind the particularly disruptive hack at M&S, one of the best-known names in British business, whose online operations have been frozen since 25 April. It has a history of focusing on a single sector at a time and is likely to target retail for a while longer, Hultquist said. Related: How 'native English' Scattered Spider group linked to M&S attack operate Just a day before Google's warning, M&S announced that some customer data had been accessed, but this did not include usable payment or card details, or any account passwords. The Guardian understands the details taken are names, addresses and order histories. M&S said personal information had been accessed because of the 'sophisticated nature of the incident'. 'Today, we are writing to customers informing them that due to the sophisticated nature of the incident, some of their personal customer data has been taken,' the company said. Hackers from the Scattered Spider ecosystem have been behind a slew of disruptive break-ins on both sides of the Atlantic. In 2023, hackers tied to the group made headlines for hacking the casino operators MGM Resorts International and Caesars Entertainment. Law enforcement has struggled to get a handle on the Scattered Spider hacking groups, in part because of their amorphousness, the hackers' youth, and a lack of cooperation from cybercrime victims.
Business Mayor
17-05-2025
- Business
- Business Mayor
‘Aggressive' hackers of UK retailers are now targeting US stores, says Google
Alphabet's Google warned on Wednesday that hackers responsible for paralyzing disruptions of UK retailers are turning their attention to similar companies in the United States. 'US retailers should take note. These actors are aggressive, creative, and particularly effective at circumventing mature security programs,' John Hultquist, an analyst at Google's cybersecurity arm, said in an email sent on Wednesday. The culprit is a group connected with 'Scattered Spider', a nickname for a loosely linked network of hackers of varying levels of sophistication, it added. Scattered Spider is widely reported to have been behind the particularly disruptive hack at M&S, one of the best-known names in British business, whose online operations have been frozen since 25 April. It has a history of focusing on a single sector at a time and is likely to target retail for a while longer, Hultquist said. skip past newsletter promotion A weekly dive in to how technology is shaping our lives Privacy Notice: Newsletters may contain info about charities, online ads, and content funded by outside parties. For more information see our Privacy Policy. We use Google reCaptcha to protect our website and the Google Privacy Policy and Terms of Service apply. after newsletter promotion Just a day before Google's warning, M&S announced that some customer data had been accessed, but this did not include usable payment or card details, or any account passwords. The Guardian understands the details taken are names, addresses and order histories. M&S said personal information had been accessed because of the 'sophisticated nature of the incident'. 'Today, we are writing to customers informing them that due to the sophisticated nature of the incident, some of their personal customer data has been taken,' the company said. Hackers from the Scattered Spider ecosystem have been behind a slew of disruptive break-ins on both sides of the Atlantic. In 2023, hackers tied to the group made headlines for hacking the casino operators MGM Resorts International and Caesars Entertainment. Law enforcement has struggled to get a handle on the Scattered Spider hacking groups, in part because of their amorphousness, the hackers' youth, and a lack of cooperation from cybercrime victims.
Yahoo
15-05-2025
- Business
- Yahoo
Co-op in recovery phase and restocking after cyber-attack
British co-operative group Co-op group is recovering from a cyber intrusion that led to the intentional disabling of key IT systems. The company, which operates 2,000 outlets such as grocery stores and funeral services, partially shut down its digital infrastructure in response to the cyber-attack in late April 2025. The chain is now working with its suppliers to restock empty shelves. A spokesperson said: "Following the malicious third-party cyber-attack, we took early and decisive action to restrict access to our systems in order to protect our Co-op. We are now in the recovery phase and are taking steps to bring our systems gradually back online in a safe and controlled manner.' Customers have noted a lack of products on shelves, with those living in remote areas of Scotland experiencing significant inconvenience due to the scarcity of alternative shopping options, as reported in the Guardian. The group had previously implemented contingency plans prioritising these vulnerable locations, but store inventories are not expected to improve until 17/18 May. The spokesperson added: "There will be improved stock availability in our food stores and online from this weekend and we are working closely with our suppliers to restock our stores. Our stock ordering system is now fully online, and we have switched all our orders back to the normal supply processes and systems." Contactless and chip-and-pin methods of payment are operational throughout all Co-op stores. "We'd like to thank all our colleagues, members, partners and suppliers for their support so far. We will provide further updates to our members as we continue to make progress from this cyber-attack,' the spokesperson concluded. In early May, Co-op disclosed that hackers had extracted customer data such as names and contact details, but not passwords or financial information. Marks & Spencer, another victim of the cyber incident, also acknowledged that customer data had been compromised during an attack that disrupted its operations in April/May 2025. Alphabet's Google reports that cyber attackers who have caused significant operational setbacks for retail businesses in the UK are now shifting their focus towards comparable entities in the US. A statement from Google cybersecurity arm analyst John Hultquist was quoted by Reuters: "US retailers should take note. These actors are aggressive, creative and particularly effective at circumventing mature security programmes." Hultquist identified the responsible party as a collective linked to "Scattered Spider" - a network of hackers with loose affiliations. Reports have widely attributed the highly disruptive cyber-attack on M&S to this group. "Co-op in recovery phase and restocking after cyber-attack" was originally created and published by Retail Insight Network, a GlobalData owned brand. The information on this site has been included in good faith for general informational purposes only. It is not intended to amount to advice on which you should rely, and we give no representation, warranty or guarantee, whether express or implied as to its accuracy or completeness. You must obtain professional or specialist advice before taking, or refraining from, any action on the basis of the content on our site.
Yahoo
14-05-2025
- Business
- Yahoo
Cybercrime spree that hobbled British retailers now aimed at U.S., Google says
Hackers behind a series of destructive, financially motivated cyberattacks against some of the U.K.'s largest retailers are now going after big American brands, Google said Wednesday. 'Major American retailers have already been targeted,' John Hultquist, the chief analyst for Google's Threat Intelligence Group, told NBC News. At least three top British retailers have experienced cyberattacks in recent weeks. Marks & Spencer was forced to pause online orders for weeks. Hackers who contacted the BBC provided evidence of 'huge amounts of customer and employee data' stolen from the Co-op Group. The third, Harrods, restricted some internet access at store locations, though a spokesperson told NBC News that it has not seen evidence that customer data was stolen. Hultquist declined to name which American retailers the hackers may be going after. As one of the world's largest tech companies, Google sells services like cloud storage, networking and security protections to some of the biggest retailers in the world, providing it significant insight into how hackers operate. It's not yet clear if there is a technical reason for the hackers to target retail companies, such as a vulnerability in a shared industry software program. For-profit hackers have in recent years proven adept at accessing the computer systems of major companies and profiting by holding data and entire networks for ransom. The U.K. hacking campaign strongly echoes the one that shut down parts of some Las Vegas casinos in 2023. That led to MGM Resorts, the owner of the Bellagio and Mandalay Bay, shutting down some casino floors, leaving guests unable to access their rooms with keycards. The same hackers also broke into Caesars Entertainment, but Caesars, unlike MGM, promptly paid the hackers, and it did not experience widespread service outages. That hacking campaign was notable as the first widely known collaboration between a group of young, largely English-speaking hackers who successfully gained access to high-level corporate accounts, and a Russian-speaking cybercrime group. That same loosely affiliated group provided initial access to the British retailers and is now going after U.S. ones, Hultquist said. It appears to have largely avoided high-profile targets in the interim. The casinos, as well as the Co-op Group and Marks and Spencer, were infected with ransomware, a type of malicious software that hackers install on critical systems to lock them up and steal sensitive information. They then demand a payment to either not exploit the information or for help making those computer systems usable again. This article was originally published on
Time of India
14-05-2025
- Business
- Time of India
Google Warns: Hackers who have crippled Marks & Spencer online stores since 15-plus days in UK are now targeting American stores
Marks & Spencer Alphabet's Google has reportedly issued a stark warning to United States retailers, indicating that the cybercriminal group responsible for the recent crippling disruptions of major UK businesses is now setting its sights stateside. The alert comes as British retail giant Marks & Spencer (M&S) continues to grapple with the fallout of a significant cyberattack that has paralyzed its online operations for three weeks. M&S, a household name in the UK, saw its online order system grind to a halt on April 25th. The disruption has had a tangible impact on the company, with its share price plummeting by 15% since the Easter weekend, when initial order issues surfaced. Despite its 1,000 physical stores remaining open, the ongoing suspension of online orders highlights the severity of the attack and the challenges in restoring normal services. While M&S has not officially confirmed the nature of the attack, multiple reports suggest the retailer fell victim to a ransomware attack. This type of cyber intrusion involves criminals gaining unauthorized access to a company's computer systems, encrypting crucial data, and demanding a ransom payment in exchange for the decryption key and the restoration of access. What Google's warning to retailers says Google's cybersecurity analysts are now raising concerns that this wave of attacks is poised to cross the Atlantic. As reported by Reuters, John Hultquist, an analyst at Google's cybersecurity arm, issued a direct warning in an email on Wednesday, stating, "US retailers should take note. These actors are aggressive, creative, and particularly effective at circumventing mature security programs." by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like 40s woman changed drastically in a few months! "This" at Watsons is too effective Body Design News Learn More Undo Hultquist identified the likely culprit as a group connected to "Scattered Spider," a loosely organized network of hackers with varying skill levels. This group is widely believed to be behind the disruptive attack on M&S. Scattered Spider: Hacker group that has likely targeted M&S "The Scattered Spider-connected group has a history of focusing on a single sector at a time and is likely to target retail for a while longer," Hultquist cautioned, emphasizing the immediate threat to US businesses in the same industry. Scattered Spider has established a track record of high-impact cyberattacks on both sides of the Atlantic. In 2023, the group gained notoriety for successfully breaching the security defenses of major casino operators MGM Resorts International and Caesars Entertainment, causing significant operational disruptions and financial losses. Law enforcement agencies have faced considerable challenges in effectively combating hackers linked to Scattered Spider. This is partly attributed to the group's decentralized and fluid structure, the relatively young age of some of its members, and a reported reluctance among some cybercrime victims to fully cooperate with investigations, as previously reported by Reuters. Despite these challenges, the US retail sector appears to be on high alert. Christian Beckner, a vice president with the National Retail Federation, affirmed to Reuters that his members are acutely aware of the potential for disruptive intrusions from Scattered Spider-linked groups. "We've been closely tracking everything going on in the UK over the past few weeks," Beckner stated. "There aren't geographic boundaries on these threats." Google's warning serves as a critical call to action for US retailers to urgently review and strengthen their cybersecurity defenses in the face of this evolving and aggressive threat. The ongoing struggles of M&S underscore the significant financial and reputational damage that can result from such attacks, highlighting the imperative for proactive measures and vigilance within the industry. AI Masterclass for Students. Upskill Young Ones Today!– Join Now
