Scattered Spider Hackers Get Busy

Hackers associated with the group known as Scattered Spider are currently engaged in a wave of cyber-attacks that have affected some of the UK’s most prominent retailers, including Marks & Spencer, the Co-op, and Harrods. Cybersecurity experts warn that the same threat is now extending across the Atlantic, targeting retailers in the United States as well.

Google’s cybersecurity division, Mandiant, has confirmed that this pattern of attacks has shifted seamlessly from the UK into the US, consistent with the modus operandi of Scattered Spider assailants.

The group is believed to be behind the recent breaches, which have seen personal data stolen from affected organisations.

Data Breaches & Personal Information Compromised

Marks & Spencer (M&S) recently notified staff that some personal information may have been compromised during the attack, with email addresses and full names believed to be amongst the data stolen. Later disclosures revealed that thousands of customers’ personal information had also been accessed by the hackers, further underscoring the scope and severity of these breaches.

The Tactics Of Scattered Spider

The National Cyber Security Centre (NCSC) issued an advisory warning businesses across the UK to remain vigilant. The agency highlighted specific tactics employed by Scattered Spider, notably an approach where attackers call IT help desks pretending to be employees or contractors to obtain system access.

“These cyber threats, including extortion and ransomware, are among the most prevalent risks facing UK organisations today,” the NCSC warned. Their guidance urges companies to scrutinise how their help desks manage password resets, as this remains a common entry point exploited by cybercriminals.

About Scattered Spider

Unlike many ransomware groups traditionally linked to Russian and former Soviet states, Scattered Spider is characterised by its composition of native English speakers from countries such as the UK, US, and Canada. Rather than operating as a formal, homogeneous group, the gang uses a variety of hacking techniques.

The primary goal of ransomware gangs like Scattered Spider is to infect organisations' systems with malicious software that encrypts files. The attackers then demand payment in exchange for the decryption keys, often leading to significant data loss and operational disruption.

Challenges For Law Enforcement

Law enforcement agencies have found it difficult to track down and combat Scattered Spider. The group's amorphous structure, youthful membership, and the lack of cooperation from victims have hampered efforts to curtail their activities. 

Given their sophisticated social engineering tactics and dispersed structure, analysts warn that these cyber-attacks could continue to grow in frequency and intensity, especially with the increasing value of retail and consumer data.

The Growing Threat

With the retail sector increasingly targeted by cybercriminals, the importance of robust security measures becomes evident. The NCSC emphasises that cyber threats are opportunistic and indiscriminate, affecting businesses of all sizes - no organisation is immune to the risks posed by groups like Scattered Spider.

As these attacks expand into the US market, both UK and international companies are advised to reinforce their cybersecurity protocols to prevent becoming the next victim of this rising threat.

Google   |   NCSC  |   TechDigest  |   The Record  |   Guardian  |   MSN  
