Cyberattacks on M&S and Co-op Linked to Scattered Spider: Up to $592M in Damages
Explore the recent cyberattacks on M&S and Co-op, attributed to Scattered Spider, causing significant financial damages.
TL;DR
The April 2025 cyberattacks on U.K. retailers Marks & Spencer (M&S) and Co-op have been attributed to the cybercriminal group Scattered Spider, resulting in up to $592 million in damages. The Cyber Monitoring Centre (CMC) classified these incidents as a single combined cyber event, highlighting the growing threat of coordinated cyberattacks.
Introduction
In April 2025, the U.K. retailers Marks & Spencer (M&S) and Co-op experienced significant cyberattacks, which have since been attributed to the cybercriminal group Scattered Spider. These attacks, classified as a “single combined cyber event” by the Cyber Monitoring Centre (CMC), have led to substantial financial damages, estimated to be as high as $592 million.
The Cyberattacks
Classification as a Single Event
The Cyber Monitoring Centre (CMC), a U.K.-based independent, non-profit organization established by the insurance industry, has classified the attacks on M&S and Co-op as a single combined cyber event. This classification is based on the fact that one threat actor, Scattered Spider, claimed responsibility for both incidents.
Impact and Damages
The cyberattacks resulted in significant financial losses for both retailers. The total estimated damages range from $388 million to $592 million, underscoring the severe impact of such coordinated cyber events1.
Scattered Spider: The Culprit
Scattered Spider, known for its sophisticated cyber operations, has been identified as the group behind these attacks. The group’s tactics and techniques have evolved over time, making them a formidable adversary in the cybersecurity landscape2.
Implications for Cybersecurity
The classification of these attacks as a single event highlights the growing trend of coordinated cyber operations targeting multiple organizations simultaneously. This trend underscores the need for enhanced cybersecurity measures and better coordination among affected entities.
Conclusion
The cyberattacks on M&S and Co-op serve as a stark reminder of the evolving threat landscape. As cybercriminals become more sophisticated, it is crucial for organizations to invest in robust cybersecurity defenses and maintain vigilance against potential threats. The role of organizations like the CMC in categorizing and analyzing such events is invaluable in understanding and mitigating future risks.
Additional Resources
For further insights, check:
References
-
The Hacker News (2025). “Scattered Spider Behind Cyberattacks on M&S and Co-op, Causing Up to $592M in Damages”. The Hacker News. Retrieved 2025-06-21. ↩︎
-
Cyber Monitoring Centre (2025). “Assessment of April 2025 Cyber Attacks on M&S and Co-op”. Cyber Monitoring Centre. Retrieved 2025-06-21. ↩︎