Police have arrested four people in connection with the cyber attacks that brought chaos to M&S and the Co-op. This is a major step forward in one of the most disruptive data breaches the UK retail sector has seen.
The National Crime Agency (NCA) confirmed that three teenage males and a 20-year-old woman have been taken into custody. The arrests were made in London, the West Midlands and Staffordshire, with officers also seizing multiple electronic devices.
The suspects face charges including blackmail, money laundering, and breaking the Computer Misuse Act. One of the group, a 19-year-old male, is from Latvia. The rest are UK nationals.
A growing pattern of attacks
The M&S hack first came to light in April and has since snowballed into a full-blown crisis. Attackers deployed ransomware, a type of malicious software that locks up IT systems unless a ransom is paid. M&S said the attack has caused major disruptions, with some internal systems expected to remain down until late autumn.
Meanwhile, the Co-op also confirmed that customer and staff data had been stolen. The firm only acknowledged the breach after hackers contacted the BBC with evidence. Fortunately, the Co-op managed to disconnect its networks before the ransomware could be deployed.
Luxury retailer Harrods was also targeted, but escaped with minimal disruption after swiftly isolating its networks.
The latest arrests come hot on the heels of another major breach, this time affecting Australian airline Qantas. The same hacking group, known as Scattered Spider, is believed to be behind all three attacks.
What this means for customers
If you’re a customer of M&S, the Co-op or Qantas, your personal data could now be circulating in the wrong hands. These aren’t isolated incidents, they’re part of a broader campaign by a well-organised group targeting major brands.
Even if your data hasn’t yet been misused, breaches like this can have long-term consequences. Identity theft, phishing scams and credit fraud often show up months (or even years) after the initial attack.
What you can do now
It’s easy to feel powerless after a data breach, but there are steps you can take. We’ve created a free, plain-English guide to help you protect yourself, avoid scams and understand your legal rights.
So, your data has been breached… is a clear, plain-English guide designed to walk you through the steps you should take – from tightening your online security to checking if you’re eligible for compensation.
Can you join a data breach claim?
If a company didn’t do enough to protect your personal data, you could be entitled to compensation, even if you haven’t noticed anything suspicious yet.
We’re working with trusted UK law firms to help affected customers take action. Use the tools below to check if you’re eligible:
- Register your interest in the Qantas breach (we’ll let you know if a claim opens)
