RETAIL CYBER ATTACKS BOOM AFFECTING BIG COMPANIES IN THE UK

In April and May 2025, several major UK retailers experienced significant cyberattacks, primarily attributed to the DragonForce and Scattered Spider ransomware groups. These incidents disrupted operations, compromised customer data, and highlighted vulnerabilities within the retail sector.

As an IT service provider, these headlines are turning our heads and have really got us thinking about the problems and if there was a way they could have been presented. 

RETAILERS AFFECTED BY CYBER ATTACKS

These are some of the attacks that have taken place that you might have heard about or been affected by.

MARKS & SPENCER (M&S)

On April 19, M&S suffered a ransomware attack that disrupted contactless payments and order collections. Personal data, including contact details and order history, was compromised, but payment information remained secure. The attack led to an estimated £60 million in lost profits and over £1 billion in market value loss. Some online orders were suspended. 

CO-OP

On May 2, Co-op disclosed a cyberattack that resulted in unauthorised access to personal data of current and former members, including names, contact details, and dates of birth. Financial data and passwords were not affected. The breach prompted the shutdown of certain IT systems to prevent further damage. 

HARRODS

Harrods reported an attempted cyberattack on May 1, leading to restricted internet access at some sites as a precautionary measure. While no breach was confirmed, the incident raised concerns about potential vulnerabilities.

PETER GREEN CHILLED

A supplier to major UK supermarkets, including Aldi, Tesco, and Sainsbury’s, was targeted by a cyberattack that disrupted the supply chain, affecting food and goods distribution across the country. This affected the operations of these major retailers. 

PREVENTION MEASURES FOR CYBER ATTACKS AND DATA PROTECTION

Based on the data that was exposed and corrupted, personal data wasn’t affected in most cases. This suggests that all these retailers have invested in highly secure cyber security when it comes to GDPR. However, because of the disruption in supply and transactions, these incidents underscore the importance of robust cybersecurity practices.

We’re not saying that the reason these cyber-attacks happened was because of the following procedures not being met, nor are we saying that conducting these guarantees your safety – but – they could minimise your risk of attack if this is something you are concerned about.

• Regular System Audits: Make sure you are conducting frequent security assessments to identify and address vulnerabilities.
• Employee Training: Educate your staff to help them recognise phishing attempts and follow secure practices.
• Data Encryption: Make sure you’re implementing a strong encryption protocol to protect sensitive information.
• Incident Response Plans: Develop and test response strategies to quickly address and mitigate attacks.

If you are looking to enhance your cyber security, contact iNREACH. We have  a vast amount of knowledge and experience and can help build a security package for you

THE IMPORTANCE OF INVESTING IN CYBERSECURITY

In light of these attacks, it’s more important than ever to ensure you have a robust security system for your business. There are several reasons why you should be investing or upgrading today.

By prioritising cybersecurity, your business will reduce the risk of cyberattacks and their potentially devastating consequences.

CYBER SECURITY WITH iNREACH

At iNREACH, we are an IT provider for businesses all over the UK. As part of our IT service solutions, we can provide a full cyber security package and plan to reduce the risk of you falling victim to an attack whilst implementing a strategy for remaining operational if anything does come your way.

For more information or to discuss your requirements, please contact our team.

DISCOVER MORE