Latest news with #JohnHultquist
Yahoo
2 days ago
- Business
- Yahoo
Security Incident Shuts Down Victoria's Secret Website After Google Warns US Retailers
Security Incident Shuts Down Victoria's Secret Website After Google Warns US Retailers originally appeared on L.A. Mag. Victoria's Secret, a leading force in lingerie and women's wear, deactivated its website today after an undisclosed security incident disrupted operations. The Ohio-based retailer took down their US website and suspended certain in-store services as a precaution, according to the announcement on the site's new landing page. All Victoria's Secret stores, including sub-brand PINK, remain open.'We identified and are taking steps to address a security incident,' the announcement said. 'Our team is working around the clock to fully restore operations. We appreciate your patience during this process.'The company also posted a similar message on Instagram, restricting all public comments. This past month, a slew of cyberattacks hit a number of major retailers in the UK. Marks & Spencer, a shopping center for clothing, food, home and beauty, stopped taking online orders in late April after its website was hacked, stealing customer data in the process. Days later, Harrods, the iconic London-based department store, cited unauthorized access to the luxury brand's online weeks ago, Google warned American companies that they're next.'US retailers should take note. These actors are aggressive, creative, and particularly effective at circumventing mature security programs,' according to an email from John Hultquist, an analyst from Google's cybersecurity team, shared by The British security breach, caused by individuals affiliated with hacking group 'Scattered Spider,' has not yet been officially connected to the incident at Victoria's Secret, but it wouldn't be these hackers' first time infiltrating an American in 2023, Scattered Spider took down the online systems of MGM Resorts International and Caesars Entertainment. MGM involved law enforcement, while Caesars reportedly paid a $15 million ransom to restore there's no clear sign as to when online shoppers can return to Victoria's Secret digitally, the brand claims no obvious threat to its physical Secret Co. did not respond to LA Mag's request for comment. This story was originally reported by L.A. Mag on May 29, 2025, where it first appeared.
Yahoo
20-05-2025
- Business
- Yahoo
‘Aggressive' hackers of UK retailers are now targeting US stores, says Google
Alphabet's Google warned on Wednesday that hackers responsible for paralyzing disruptions of UK retailers are turning their attention to similar companies in the United States. 'US retailers should take note. These actors are aggressive, creative, and particularly effective at circumventing mature security programs,' John Hultquist, an analyst at Google's cybersecurity arm, said in an email sent on Wednesday. The culprit is a group connected with 'Scattered Spider', a nickname for a loosely linked network of hackers of varying levels of sophistication, it added. Scattered Spider is widely reported to have been behind the particularly disruptive hack at M&S, one of the best-known names in British business, whose online operations have been frozen since 25 April. It has a history of focusing on a single sector at a time and is likely to target retail for a while longer, Hultquist said. Related: How 'native English' Scattered Spider group linked to M&S attack operate Just a day before Google's warning, M&S announced that some customer data had been accessed, but this did not include usable payment or card details, or any account passwords. The Guardian understands the details taken are names, addresses and order histories. M&S said personal information had been accessed because of the 'sophisticated nature of the incident'. 'Today, we are writing to customers informing them that due to the sophisticated nature of the incident, some of their personal customer data has been taken,' the company said. Hackers from the Scattered Spider ecosystem have been behind a slew of disruptive break-ins on both sides of the Atlantic. In 2023, hackers tied to the group made headlines for hacking the casino operators MGM Resorts International and Caesars Entertainment. Law enforcement has struggled to get a handle on the Scattered Spider hacking groups, in part because of their amorphousness, the hackers' youth, and a lack of cooperation from cybercrime victims.
Business Mayor
17-05-2025
- Business
- Business Mayor
‘Aggressive' hackers of UK retailers are now targeting US stores, says Google
Alphabet's Google warned on Wednesday that hackers responsible for paralyzing disruptions of UK retailers are turning their attention to similar companies in the United States. 'US retailers should take note. These actors are aggressive, creative, and particularly effective at circumventing mature security programs,' John Hultquist, an analyst at Google's cybersecurity arm, said in an email sent on Wednesday. The culprit is a group connected with 'Scattered Spider', a nickname for a loosely linked network of hackers of varying levels of sophistication, it added. Scattered Spider is widely reported to have been behind the particularly disruptive hack at M&S, one of the best-known names in British business, whose online operations have been frozen since 25 April. It has a history of focusing on a single sector at a time and is likely to target retail for a while longer, Hultquist said. skip past newsletter promotion A weekly dive in to how technology is shaping our lives Privacy Notice: Newsletters may contain info about charities, online ads, and content funded by outside parties. For more information see our Privacy Policy. We use Google reCaptcha to protect our website and the Google Privacy Policy and Terms of Service apply. after newsletter promotion Just a day before Google's warning, M&S announced that some customer data had been accessed, but this did not include usable payment or card details, or any account passwords. The Guardian understands the details taken are names, addresses and order histories. M&S said personal information had been accessed because of the 'sophisticated nature of the incident'. 'Today, we are writing to customers informing them that due to the sophisticated nature of the incident, some of their personal customer data has been taken,' the company said. Hackers from the Scattered Spider ecosystem have been behind a slew of disruptive break-ins on both sides of the Atlantic. In 2023, hackers tied to the group made headlines for hacking the casino operators MGM Resorts International and Caesars Entertainment. Law enforcement has struggled to get a handle on the Scattered Spider hacking groups, in part because of their amorphousness, the hackers' youth, and a lack of cooperation from cybercrime victims.
Yahoo
16-05-2025
- Business
- Yahoo
Cybercriminal group targets multiple US retailers after wreaking havoc in UK
Hackers linked to a notorious cybercriminal group have conducted cyberattacks on multiple US retail companies in the last 10 days, prompting the FBI to step up cyber-intelligence briefings for major companies in the sector, three sources familiar with the matter told CNN. The criminal group – known for aggressively extorting major US corporations in recent years – is suspected of being involved in ransomware attacks on between three and five US retailers in recent days, the sources said. The flurry of activity in the US tied to the cybercriminal group – a loose collection of hackers that the cyber industry calls Scattered Spider – has led the FBI and major technology companies like Google to urge US retailers to raise their digital defenses. The group is considered dangerous and unpredictable, in part because it is comprised of youths in the US and the UK known for aggressively extorting their victims. Ahold Delhaize USA was targeted, which has the same parent company as the Giant and Food Lion grocery chains. The hackers managed to log into an account at one its US retail locations, but the incident was isolated and contained, according to an internal Ahold Delhaize report reviewed by CNN. The FBI has been in touch with some of the major US retail brands to warn them of the threat from Scattered Spider, the sources said. CNN has requested comment from Ahold Delhaize. 'We can confirm [a cybercriminal group] successfully targeted multiple retail organizations in the US,' said John Hultquist, chief analyst at Google Threat Intelligence Group, though he declined to name them. Scattered Spider is suspected of being involved in a spate of ransomware attacks in the last month on major UK retail giants Harrods and Marks & Spencer. The latter company appeared hardest hit. The hackers stole customer data from Marks & Spencer and disrupted online orders. Scattered Spider shot to infamy in September 2023 when they were linked to a pair of damaging hacks on famous Las Vegas casinos and hotels MGM Resorts and Caesars Entertainment. The hacking group has 'a history of focusing their efforts on a single sector at a time, and we anticipate they will continue to target the sector in the near term,' Hulquist said. 'US retailers should take note.' 'US-based retailers are aware of the threats posted by cybercriminal groups that have recently attacked several major retailers in the United Kingdom, and many companies have taken steps to harden themselves against these criminal groups' tactics over the past two years,' Christian Beckner, a vice president at the National Retail Federation, said in a statement.
Yahoo
15-05-2025
- Business
- Yahoo
Co-op in recovery phase and restocking after cyber-attack
British co-operative group Co-op group is recovering from a cyber intrusion that led to the intentional disabling of key IT systems. The company, which operates 2,000 outlets such as grocery stores and funeral services, partially shut down its digital infrastructure in response to the cyber-attack in late April 2025. The chain is now working with its suppliers to restock empty shelves. A spokesperson said: "Following the malicious third-party cyber-attack, we took early and decisive action to restrict access to our systems in order to protect our Co-op. We are now in the recovery phase and are taking steps to bring our systems gradually back online in a safe and controlled manner.' Customers have noted a lack of products on shelves, with those living in remote areas of Scotland experiencing significant inconvenience due to the scarcity of alternative shopping options, as reported in the Guardian. The group had previously implemented contingency plans prioritising these vulnerable locations, but store inventories are not expected to improve until 17/18 May. The spokesperson added: "There will be improved stock availability in our food stores and online from this weekend and we are working closely with our suppliers to restock our stores. Our stock ordering system is now fully online, and we have switched all our orders back to the normal supply processes and systems." Contactless and chip-and-pin methods of payment are operational throughout all Co-op stores. "We'd like to thank all our colleagues, members, partners and suppliers for their support so far. We will provide further updates to our members as we continue to make progress from this cyber-attack,' the spokesperson concluded. In early May, Co-op disclosed that hackers had extracted customer data such as names and contact details, but not passwords or financial information. Marks & Spencer, another victim of the cyber incident, also acknowledged that customer data had been compromised during an attack that disrupted its operations in April/May 2025. Alphabet's Google reports that cyber attackers who have caused significant operational setbacks for retail businesses in the UK are now shifting their focus towards comparable entities in the US. A statement from Google cybersecurity arm analyst John Hultquist was quoted by Reuters: "US retailers should take note. These actors are aggressive, creative and particularly effective at circumventing mature security programmes." Hultquist identified the responsible party as a collective linked to "Scattered Spider" - a network of hackers with loose affiliations. Reports have widely attributed the highly disruptive cyber-attack on M&S to this group. "Co-op in recovery phase and restocking after cyber-attack" was originally created and published by Retail Insight Network, a GlobalData owned brand. The information on this site has been included in good faith for general informational purposes only. It is not intended to amount to advice on which you should rely, and we give no representation, warranty or guarantee, whether express or implied as to its accuracy or completeness. You must obtain professional or specialist advice before taking, or refraining from, any action on the basis of the content on our site.
