By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
RebruitRebruitRebruit
  • Latest
  • Finance
  • Technology
  • Security
  • Guides
Reading: How Hackers Broke Into M&S and Co-op: It Wasn’t a Glitch — It Was Human Error
Font ResizerAa
RebruitRebruit
Font ResizerAa
Search
  • Latest
  • Finance
  • Technology
  • Security
  • Guides
Follow US
  • About
  • Our Standards
  • Contact
  • Privacy Policy
  • Cookie Policy
  • Terms of use
© 2025 REBRUIT | We don’t control content on external sites. Read more about how we handle external links

Home » How Hackers Broke Into M&S and Co-op: It Wasn’t a Glitch — It Was Human Error

Security

How Hackers Broke Into M&S and Co-op: It Wasn’t a Glitch — It Was Human Error

UK cybersecurity officials are urging retailers to tighten their IT support protocols, warning that future attacks could target banks, healthcare providers, or any workplace — not just retail.

May 6, 2025
Share
3 Min Read
M&S Cyber Attack
SHARE

You’d think a major cyberattack would start with a high-tech exploit, a flaw in the system, or some zero-day vulnerability buried in the code.

But the recent breach that hit Marks & Spencer and Co-op didn’t need any of that. Instead, it started with something much simpler — a convincing phone call.

According to reports, the cybercriminal group known as Scattered Spider pulled off the attack by using a classic technique: social engineering. They didn’t break in by force. They asked — and someone let them in.

Here’s how it works:

READ ALSO: M&S confirms cyberattack after days of disruption

  • The hackers posed as real employees, calling IT help desks and claiming they’d lost access to their accounts.
  • Using details likely scraped from earlier data leaks, phishing emails, or even LinkedIn, they sounded convincing enough to fool support staff.
  • IT teams, thinking they were just helping a colleague, reset the credentials, effectively handing the keys to the kingdom over to the attackers.

Once inside, the group didn’t waste time. They moved laterally through internal systems, escalating their access and, in M&S’s case, eventually deploying ransomware (linked to the DragonForce group) to lock up servers and disrupt operations.

This wasn’t just a temporary hiccup. The breach led to the complete suspension of online orders at M&S, while contactless payments and click-and-collect services were taken offline.

The company also suffered market value losses exceeding £650 million. Over at Co-op, customer data, including personal contact information, was exposed. And incredibly, it all started with someone simply pretending to be an employee on the phone.

This type of attack is hard to stop with tech alone. You can have the best firewalls in the world, but if someone inside clicks the wrong link or resets the wrong password, the damage is done.

It’s a reminder that cybersecurity is a people problem as much as a technology problem. Staff training, strict ID verification, and internal protocols need just as much investment as fancy security software.

Both M&S and Co-op are still working to clean up the problem, and investigations are ongoing. On the other hand, the UK’s cybersecurity authorities are warning other retailers to review their IT support processes immediately.

Because next time, it might not just be a retail chain. It could be your bank, your healthcare provider, or your workplace.

Share This Article
Facebook Whatsapp Whatsapp Bluesky Copy Link
Leave a Comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

Block
Square’s Bitcoin Payment Pilot: Bringing Crypto to Everyday Retail
Finance
METAMASK
MetaMask Embraces Solana: A New Era for Multi-Chain Wallets
Finance
Read Smarter, Not Harder
Read Smarter, Not Harder: These Apps Will Help You Read More Anywhere
Guides
Samsung-One-UI-8
15+ New Features Coming to One UI 8
Latest
samsung
Don Belle Boost Samsung Galaxy A-Series Buzz
Latest

You Might Also Like

ZKsync
Security

ZKsync Account Hack: What Happened and What It Means

May 25, 2025
Marks-and-Spencer-cyber-attack
Security

M&S cyberattack: Recruitment paused and supply issues reported

May 1, 2025
M&S Pause Online order
Security

M&S pauses all online orders after cyber attack

May 1, 2025
M&S Attack
Security

M&S confirms cyberattack after days of disruption

May 1, 2025
23andMe
Security

23andMe Bankruptcy Raises Serious DNA Privacy Concerns

April 21, 2025
Google Play
Security

New Google Play system update now force your phone to auto-reboot after three days

April 22, 2025
Global Cybersecurity Agencies Uncover Spyware Hidden in Android Apps
Security

Global Cybersecurity Agencies Uncover Spyware Hidden in Android Apps

April 24, 2025
UK Government Fails in Attempt to Shield Apple Surveillance Order from Public Eye
Security

UK Government Fails in Attempt to Shield Apple Surveillance Order from Public Eye

April 24, 2025
Follow US
© 2025 REBRUIT | We don’t control content on external sites. Read more about how we handle external links
  • About
  • Our Standards
  • Contact
  • Privacy Policy
  • Cookie Policy
  • Terms of use
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?