The Story

Who's behind the M&S cyber attack?

May 7, 2025

Join Mark Sellman, Technology Correspondent for The Times, as he delves into the world of cybercrime and the notorious group Scattered Spider. He reveals how this group orchestrated significant attacks on major retailers, including Marks and Spencer, using tactics like social engineering and SIM swapping. Sellers discusses the financial repercussions of these cyberattacks, effective defense strategies for businesses, and the critical importance of cybersecurity in our interconnected world for protecting personal data.

26:57

Creator website

Episode guests

Mark Sellman

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

The Scattered Spider hacker collective employs social engineering techniques, complicating corporate cybersecurity efforts and highlighting a need for stronger defenses.

Cyber attacks have profound operational and reputational consequences for retailers like Marks & Spencer, necessitating a dual strategy of prevention and recovery.

Deep dives

The Scattered Spider Group's Emergence

Scattered Spider, a hacker collective mainly consisting of young males from the U.S. and the U.K., has gained notoriety for its cybercriminal activities, including high-profile hacks like those of Las Vegas casinos. Characterized by their loose online collaboration, members may not even know one another yet share a common goal of extorting money through cyber attacks. Recent activities have spotlighted their aggressive methods, which led to disruptions at Marks & Spencer and other retailers, causing multi-million pound losses. The group's adaptability and anonymity make them particularly challenging to combat, as they often operate under various aliases and leverage social engineering techniques to bypass corporate cybersecurity measures.

Intro

2min

Inside Scattered Spider: The New Face of Cybercrime

11min

Inside the Mind of Scattered Spider

5min

Understanding Cyber Extortion and Defense Strategies

3min

Navigating Cybersecurity Challenges

8min

The Importance of Cybersecurity and Personal Data Protection

2min

How do hackers take down a high street staple? What started as a contactless payment outage at Marks and Spencer, quickly became the retail fortnight from hell, as cyber attacks have brought brands to a crashing halt in online trading over the last two weeks. So who is behind it, and what are their methods? And more importantly, how do you guard yourself in an evermore online world?

This podcast was brought to you thanks to the support of readers of The Times and The Sunday Times. Subscribe today: http://thetimes.com/thestory

Guest: Mark Sellman, Technology Correspondent, The Times.

Host: Luke Jones.

Producer: Rosie Stopher.

Further reading: Who are Scattered Spider hackers linked to the M&S cyberattack?

M&S and Co-op cyberattackers ‘tricked IT into resetting passwords’

M&S staff share war stories of ‘toughest’ week after cyberattack

Clips: Sky News, BBC, ITV

Photo: The Times

Get in touch: thestory@thetimes.com

Hosted on Acast. See acast.com/privacy for more information.