Particle.news
Download on the App Store
37 ARTICLES
·
2d ago

Four Arrested as M&S Advances Recovery From Major Ransomware Attack

Marks & Spencer’s chairman urged mandatory incident reporting to bolster national defenses following a breach that left key services offline.

Image
Members of the public walk past a branch of Marks & Spencer on 11th June 2025 in Maidenhead, United Kingdom. (Image: Mark Kerrison/In Pictures via Getty Images)
Image
Image

Overview

  • The National Crime Agency arrested four suspects in connection with ransomware attacks that targeted Marks & Spencer, the Co-op and Harrods.
  • Marks & Spencer resumed online clothing orders on June 10, but click-and-collect and next-day delivery remain suspended as the retailer rebuilds its IT systems.
  • Investigators determined that the April 17 breach exploited a sophisticated social-engineering impersonation of a third-party user and linked the hack to DragonForce and the Scattered Spider collective.
  • M&S estimates the disruption cost about £300 million in lost operating profit and is pursuing insurance claims while reviewing its legacy infrastructure.
  • Chair Archie Norman described the attack as "traumatic" in parliamentary testimony and called for mandatory incident reporting to strengthen national cyber defenses.