Major Breach Hits Marks & Spencer Amid Rising Cyber Threats

On May 24, 2025, the cybersecurity landscape was significantly impacted by a major breach at Marks & Spencer, attributed to the Scattered Spider group. The attack resulted in a projected loss of £300 million ($402 million) and severely disrupted the company's online retail systems. Customer data was compromised, forcing Marks & Spencer to conduct extensive recovery operations that left their services offline for an extended period. This incident underscores the continuing trend of sophisticated cyber threats targeting large organizations. As attackers evolve, businesses must prioritize robust cybersecurity measures and incident response strategies to mitigate potential losses.

In related news, Coinbase disclosed a ransomware incident involving bribed customer support agents, leading to the exposure of sensitive user data. The attackers demanded $20 million, but Coinbase opted not to pay and instead initiated a reward program for information on the attackers. Meanwhile, a healthcare system experienced significant outages due to the Interlock ransomware, raising alarms about vulnerabilities in the healthcare sector. Additionally, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has flagged multiple critical vulnerabilities across platforms, including SolarWinds and Ivanti, emphasizing the persistent risks from unpatched enterprise software. Overall, May 2025 has seen an alarming increase in data breaches and ransomware attacks, calling attention to the urgent need for enhanced cybersecurity measures across all sectors.