The recent cyberattack that crippled Marks & Spencer (M&S) has been linked to the notorious hacking group Scattered Spider. This attack forced the retailer to halt online sales and disrupted various in-store operations, exhibiting the group’s trademark tactics.
Key Points
- The cyberattack severely impacted M&S, disrupting contactless payments, click-and-collect orders, and online deliveries.
- Initial infiltration of M&S systems may have occurred as early as February, with significant data theft, including the NTDS.dit file.
- The DragonForce encryptor was reportedly deployed against M&S systems, indicating a sophisticated ransomware attack.
- Scattered Spider operates as a fluid collective, characterised by advanced social engineering techniques, complicating their tracking.
- This group has been involved in notable cyberattacks, including the breach of MGM Resorts in 2023.
Why should I read this?
If you’re into cybersecurity or just want to know how safe your favourite retail brands are, this article sheds light on the alarming capabilities of hacking groups like Scattered Spider. Keeping abreast of such incidents is crucial, especially as they can significantly affect everyone’s shopping experience and data safety.