Marks & Spencer Suffers Major Cyberattack, Projected Losses Reach £300 Million

On May 22, 2025, Marks & Spencer experienced a severe cyberattack linked to the notorious threat actor group, Scattered Spider. This breach has severely disrupted their online retail systems, resulting in a projected profit loss of approximately £300 million ($402 million). The attack compromised sensitive customer data, including names and email addresses, raising serious concerns about data privacy and consumer trust. Recovery from this incident is anticipated to take several months, with critical systems remaining offline for necessary repairs. Stakeholders are urged to monitor developments closely as the situation unfolds. For further details, refer to the Cybersecurity Newsletter.

Also In Security Today

Coinbase Breach: Coinbase has reported a sophisticated cyberattack where attackers bribed customer support agents to access sensitive user data. Following the breach on May 11, a $20 million ransom demand was issued, which Coinbase refused. Instead, they are offering a reward for information regarding the attack. More details can be found here.

UK Legal Aid Agency Breach: The UK Legal Aid Agency has disclosed a significant security incident affecting personal data of applicants dating back to 2010. As a result, the agency has taken online services offline, impacting hundreds of thousands of users. Additional information is available here.

Vulnerabilities Identified: A zero-day vulnerability in the AjaxProxy component of SolarWinds Web Help Desk has been reported, allowing attackers to execute commands remotely. Organizations are advised to implement urgent patches to mitigate potential risks. More details can be found here.

Analyst's Take

Today's alarming incidents underscore the escalating complexity of cyber threats facing organizations in 2025. The Marks & Spencer breach illustrates the devastating impact of cyberattacks on brand reputation and financial health, while the Coinbase incident highlights the vulnerability of insider threats. Defenders should prioritize employee training on security best practices and invest in monitoring solutions to detect suspicious internal activities. As vulnerabilities continue to emerge, timely patch management will be crucial in safeguarding sensitive data. The trend towards more aggressive tactics, including bribery, suggests that organizations must enhance their incident response strategies and foster a culture of security awareness.