Two of Britain’s best-known retailers—Marks & Spencer and the Co-op—have been hit by cyberattacks within days of each other, sparking concerns over the resilience of major high street brands against rising digital threats.
M&S was plunged into crisis over the Easter weekend after hackers, reportedly linked to the Scattered Spider group, crippled its IT systems. The disruption has led to widespread stock shortages, with popular items like Percy Pigs and Colin the Caterpillar cakes vanishing from shelves, while online services were suspended.
“As part of our proactive management of the incident, we took a decision to take some of our systems temporarily offline,” an M&S spokesperson confirmed. “As a result, we currently have pockets of limited availability in some stores.”
The retailer is working with the National Cyber Security Centre, Microsoft, and CrowdStrike to resolve the issue. Market analysts estimate daily financial losses of up to £3.8 million, with over £600 million wiped from M&S’s market value.
Just days later, the Co-op revealed it had also suffered an attempted breach. Though customer-facing services remained operational, parts of its back-office and call centre infrastructure were shut down as a precaution.
“We have recently experienced attempts to gain unauthorised access to some of our systems,” a Co-op spokesperson said. “We have taken proactive steps to keep our systems safe.”
The National Cyber Security Centre is investigating whether the two incidents are linked, as the retail sector braces for further cyber threats in an increasingly hostile digital landscape.
