Security

How Hackers Broke Into M&S and Co-op: It Wasn’t a Glitch — It Was Human Error

UK cybersecurity officials are urging retailers to tighten their IT support protocols, warning that future attacks could target banks, healthcare providers, or any workplace — not just retail.

3 Min Read
M&S Cyber Attack

You’d think a major cyberattack would start with a high-tech exploit, a flaw in the system, or some zero-day vulnerability buried in the code.

But the recent breach that hit Marks & Spencer and Co-op didn’t need any of that. Instead, it started with something much simpler — a convincing phone call.

According to reports, the cybercriminal group known as Scattered Spider pulled off the attack by using a classic technique: social engineering. They didn’t break in by force. They asked — and someone let them in.

Here’s how it works:

READ ALSO: M&S confirms cyberattack after days of disruption

  • The hackers posed as real employees, calling IT help desks and claiming they’d lost access to their accounts.
  • Using details likely scraped from earlier data leaks, phishing emails, or even LinkedIn, they sounded convincing enough to fool support staff.
  • IT teams, thinking they were just helping a colleague, reset the credentials, effectively handing the keys to the kingdom over to the attackers.

Once inside, the group didn’t waste time. They moved laterally through internal systems, escalating their access and, in M&S’s case, eventually deploying ransomware (linked to the DragonForce group) to lock up servers and disrupt operations.

This wasn’t just a temporary hiccup. The breach led to the complete suspension of online orders at M&S, while contactless payments and click-and-collect services were taken offline.

The company also suffered market value losses exceeding £650 million. Over at Co-op, customer data, including personal contact information, was exposed. And incredibly, it all started with someone simply pretending to be an employee on the phone.

This type of attack is hard to stop with tech alone. You can have the best firewalls in the world, but if someone inside clicks the wrong link or resets the wrong password, the damage is done.

It’s a reminder that cybersecurity is a people problem as much as a technology problem. Staff training, strict ID verification, and internal protocols need just as much investment as fancy security software.

Both M&S and Co-op are still working to clean up the problem, and investigations are ongoing. On the other hand, the UK’s cybersecurity authorities are warning other retailers to review their IT support processes immediately.

Because next time, it might not just be a retail chain. It could be your bank, your healthcare provider, or your workplace.

Share This Article
Leave a Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Recent Posts

Block
Square’s Bitcoin Payment Pilot: Bringing Crypto to Everyday Retail
Finance
METAMASK
MetaMask Embraces Solana: A New Era for Multi-Chain Wallets
Finance
Read Smarter, Not Harder
Read Smarter, Not Harder: These Apps Will Help You Read More Anywhere
Guides
Samsung-One-UI-8
15+ New Features Coming to One UI 8
Latest
samsung
Don Belle Boost Samsung Galaxy A-Series Buzz
Latest

You Might Also Like