The Unbiased Post Logo
Sunday 22/02/2026

Arrests Made in Major Cyber-Attacks on UK Retail Giants

Published 10 July 2025

Highlights

  1. Rewritten Article

    Headline: Arrests Made in Major Cyber-Attacks on UK Retail Giants

    In a significant development, four individuals have been arrested in connection with a series of cyber-attacks that targeted major UK retailers Marks & Spencer (M&S), Co-op, and Harrods. The National Crime Agency (NCA) announced the arrests, which include a 20-year-old woman from Staffordshire and three males aged between 17 and 19 from London and the West Midlands. The suspects are being investigated for offences under the Computer Misuse Act, blackmail, money laundering, and participation in organized crime activities.

    Details of the Arrests

    The arrests were executed in the early hours of Thursday, with NCA officers conducting operations at the suspects' residences. Neighbors in Staffordshire described a large police presence, with officers seizing numerous electronic devices for forensic analysis. Paul Foster, head of the NCA's National Cyber Crime Unit, emphasized the importance of these arrests, stating, "Our work continues, alongside partners in the UK and overseas, to ensure those responsible are identified and brought to justice."

    Impact on Retailers

    The cyber-attacks, which began in mid-April, have had a profound impact on the affected retailers. M&S was the first to be breached, resulting in the theft of private data and the deployment of ransomware that disrupted its operations. The retailer anticipates a £300 million loss in profits due to the incident. Co-op and Harrods also faced significant challenges, with Co-op admitting to a data breach affecting millions of customers and staff. Harrods, meanwhile, had to disconnect its IT systems to prevent further unauthorized access.

    Ongoing Investigation

    The NCA's investigation remains one of its highest priorities, with support from regional organized crime units. The agency is also examining the involvement of Scattered Spider, a group of English-speaking hackers. M&S chair Archie Norman highlighted the severity of the attack, describing it as "traumatic" and revealing that other large UK companies have faced similar unreported incidents.

  2. Scenario Analysis

    The recent arrests mark a crucial step in addressing the cyber threats faced by UK businesses. As the NCA continues its investigation, the focus will likely remain on identifying and dismantling the organized crime networks behind these attacks. The involvement of international partners suggests a broader effort to combat cybercrime on a global scale. Retailers, meanwhile, may need to enhance their cybersecurity measures to prevent future breaches and protect sensitive data. The case underscores the importance of collaboration between businesses and law enforcement in tackling the growing threat of cyber-attacks.

In a significant development, four individuals have been arrested in connection with a series of cyber-attacks that targeted major UK retailers Marks & Spencer (M&S), Co-op, and Harrods. The National Crime Agency (NCA) announced the arrests, which include a 20-year-old woman from Staffordshire and three males aged between 17 and 19 from London and the West Midlands. The suspects are being investigated for offences under the Computer Misuse Act, blackmail, money laundering, and participation in organized crime activities.

Details of the Arrests

The arrests were executed in the early hours of Thursday, with NCA officers conducting operations at the suspects' residences. Neighbors in Staffordshire described a large police presence, with officers seizing numerous electronic devices for forensic analysis. Paul Foster, head of the NCA's National Cyber Crime Unit, emphasized the importance of these arrests, stating, "Our work continues, alongside partners in the UK and overseas, to ensure those responsible are identified and brought to justice."

Impact on Retailers

The cyber-attacks, which began in mid-April, have had a profound impact on the affected retailers. M&S was the first to be breached, resulting in the theft of private data and the deployment of ransomware that disrupted its operations. The retailer anticipates a £300 million loss in profits due to the incident. Co-op and Harrods also faced significant challenges, with Co-op admitting to a data breach affecting millions of customers and staff. Harrods, meanwhile, had to disconnect its IT systems to prevent further unauthorized access.

Ongoing Investigation

The NCA's investigation remains one of its highest priorities, with support from regional organized crime units. The agency is also examining the involvement of Scattered Spider, a group of English-speaking hackers. M&S chair Archie Norman highlighted the severity of the attack, describing it as "traumatic" and revealing that other large UK companies have faced similar unreported incidents.

What this might mean

The recent arrests mark a crucial step in addressing the cyber threats faced by UK businesses. As the NCA continues its investigation, the focus will likely remain on identifying and dismantling the organized crime networks behind these attacks. The involvement of international partners suggests a broader effort to combat cybercrime on a global scale. Retailers, meanwhile, may need to enhance their cybersecurity measures to prevent future breaches and protect sensitive data. The case underscores the importance of collaboration between businesses and law enforcement in tackling the growing threat of cyber-attacks.

Arrests Made in Major Cyber-Attacks on UK Retail Giants

Police officers arresting cybercriminals in the UK
Sofia RomanoSofia Romano

In This Article

HIGHLIGHTS

  • Four individuals, including three teenagers, were arrested in connection with cyber-attacks on M&S, Co-op, and Harrods.
  • The National Crime Agency (NCA) led the operation, seizing electronic devices and suspecting involvement in organized crime.
  • The cyber-attacks, which began in April, involved ransomware and caused significant disruption and financial loss to the retailers.
  • M&S reported a potential £300 million loss due to the attack, while Co-op and Harrods also faced operational challenges.
  • The investigation continues as the NCA collaborates with international partners to bring those responsible to justice.

In a significant development, four individuals have been arrested in connection with a series of cyber-attacks that targeted major UK retailers Marks & Spencer (M&S), Co-op, and Harrods. The National Crime Agency (NCA) announced the arrests, which include a 20-year-old woman from Staffordshire and three males aged between 17 and 19 from London and the West Midlands. The suspects are being investigated for offences under the Computer Misuse Act, blackmail, money laundering, and participation in organized crime activities.

Details of the Arrests

The arrests were executed in the early hours of Thursday, with NCA officers conducting operations at the suspects' residences. Neighbors in Staffordshire described a large police presence, with officers seizing numerous electronic devices for forensic analysis. Paul Foster, head of the NCA's National Cyber Crime Unit, emphasized the importance of these arrests, stating, "Our work continues, alongside partners in the UK and overseas, to ensure those responsible are identified and brought to justice."

Impact on Retailers

The cyber-attacks, which began in mid-April, have had a profound impact on the affected retailers. M&S was the first to be breached, resulting in the theft of private data and the deployment of ransomware that disrupted its operations. The retailer anticipates a £300 million loss in profits due to the incident. Co-op and Harrods also faced significant challenges, with Co-op admitting to a data breach affecting millions of customers and staff. Harrods, meanwhile, had to disconnect its IT systems to prevent further unauthorized access.

Ongoing Investigation

The NCA's investigation remains one of its highest priorities, with support from regional organized crime units. The agency is also examining the involvement of Scattered Spider, a group of English-speaking hackers. M&S chair Archie Norman highlighted the severity of the attack, describing it as "traumatic" and revealing that other large UK companies have faced similar unreported incidents.

WHAT THIS MIGHT MEAN

The recent arrests mark a crucial step in addressing the cyber threats faced by UK businesses. As the NCA continues its investigation, the focus will likely remain on identifying and dismantling the organized crime networks behind these attacks. The involvement of international partners suggests a broader effort to combat cybercrime on a global scale. Retailers, meanwhile, may need to enhance their cybersecurity measures to prevent future breaches and protect sensitive data. The case underscores the importance of collaboration between businesses and law enforcement in tackling the growing threat of cyber-attacks.

Related Articles

UK Police Intensify Investigation into Andrew Mountbatten-Windsor Amid Misconduct Allegations

UK Police Intensify Investigation into Andrew Mountbatten-Windsor Amid Misconduct Allegations

Prince Andrew's Arrest Raises Questions About Royal Succession and Monarchy's Future

Prince Andrew's Arrest Raises Questions About Royal Succession and Monarchy's Future

Rising Concerns Over Youth Crime as London and Birmingham Stabbings Shock Communities

Rising Concerns Over Youth Crime as London and Birmingham Stabbings Shock Communities

Counter-Terrorism Officers Lead Probe into London School Stabbing

Counter-Terrorism Officers Lead Probe into London School Stabbing

Rising Measles Cases in the UK Spark Urgent Vaccination Campaign

Rising Measles Cases in the UK Spark Urgent Vaccination Campaign

Noel Clarke Arrested Over 2007 Attempted Rape Allegation

Noel Clarke Arrested Over 2007 Attempted Rape Allegation