Scattered Spider Linked to Marks & Spencer Cyberattack

A significant cyberattack on British retailer Marks & Spencer (M&S) has been linked to the hacking group Scattered Spider, who have been previously associated with breaches at MGM Resorts and Caesars Entertainment in the U.S.

The attackers are believed to have deployed ransomware to encrypt key M&S systems, according to BleepingComputer. The same group, which reportedly consists of a group of individuals in their 20s from the U.K. and U.S., has been previously charged in the U.S. for phishing schemes targeting cryptocurrency.

The fallout from the attack has been significant. Online sales, typically worth £3.8 million per day, have now been suspended for five consecutive days. While customers can still browse M&S’s website and shop in physical stores, technical issues still persist. Gift cards are currently not being accepted, and returns are restricted to tills in clothing and homeware stores or by post. Food stores are unable to process returns entirely.

The disruption and uncertainty around a resolution have concerned investors, wiping £500 million from M&S’s stock market value over the past week. It is suggested the attack may have originated via one of the retailer’s third-party service providers, raising concerns about the wider M&S supply chain.

In a brief statement, M&S said: “As you would expect, we cannot share the details of this cyber incident.”

The breach is still unfolding, as investigators work to determine how the attackers infiltrated M&S’s systems and when normal operations can resume.