Why are UK retailers being hit by cyber attacks?

2 May 2025, 13:39

By Will Guyatt, technology correspondent

LBC’s Tech Correspondent Will Guyatt isn’t losing sleep, yet…

Keep calm and carry on - it’s a common refrain that seems apt as three UK retailers - M&S, Co-Op and Harrods - have all revealed cyber attacks in the last week. Yes, it’s bad for all involved - but it’s sadly part of our daily lives.

The disruption caused by cyber attacks on these businesses has been significant - with reports of empty shelves and online orders being cancelled. So far, there's no evidence of personal data being taken - and in the case of the Co-Op, shutting down some of their systems stopped the attack from spreading.

The words “cyber attack” still elicit a Pavlovian response - and should, but the more and more we hear of cyber attacks, the less we’re going to care.  If one happens and you’re at risk, change your password, keep an eye on your credit record and move on - it’s an annoying part of our increasingly digital world.

Not every cyber attack is a shadowy group of Chinese, Russian or even North Korean hackers.  Sometimes they could be your next door neighbour. Why take the risk of holding up a High Street Bank in a James O’Brien mask, when hackers can steal our data and extort those who hold lots of it?

I’ve had many calls this week asking me to link the attacks on UK retailers to some kind of foreign state intervention - perhaps attacking our retailers to disrupt supply chains and trigger panic. If this was the case, why on earth would Harrods be a target? Unless of course you want to make Kensington hungry.

Until I’m proven wrong, I believe these retailer cyber attacks are all about plain old crime.  The group claiming responsibility for the M&S hack are linked to a teenage hacking community known as Scattered Spider. These guys are ransomware experts, and have successfully exploited banks, casinos and major global organisations to pay them to reinstate IT systems, and have made millions.

At the heart of their toolkit is a more traditional method - social engineering. Forget using sophisticated apps or malware, just gain the trust of a human being on the IT desk or phone an under-pressure member of staff and bamboozle them into handing over their login details - that way you can often carry on undetected for a long time.

Hackers are often one step ahead of businesses when it comes to their online security. While cyber security is of growing importance as it maintains trust, it also costs significant amounts of money. Unlike a new shop or a website redesign, there's no visible way of showing off investment in cyber security.

Thankfully, businesses are getting better at informing us of cyber attacks - partly because of the threat of fines if they don't. The reality is that cyber attacks can be fast moving, and the instances of illicit activity you find are not the ones you need to worry about. It can take time to get to the root of the issue, and legal people get very twitchy about taking responsibility when announcements are drafted.

M&S, Co-Op and Harrods won't be the last. Our data is the new oil - let’s encourage businesses and governments to be more responsible with it.

________________

Will Guyatt is Technology Correspondent for LBC.