UK Police Arrest Four Suspects Over Cyberattacks on M&S, Co-op, and Harrods

Four individuals under the age of 21 have been arrested in connection with cyberattacks that disrupted operations at major UK retailers Marks & Spencer (M&S), the Co-op, and Harrods, the National Crime Agency (NCA) announced on Thursday. The most severe incident occurred in April when a ransomware attack forced M&S to halt online clothing sales for nearly seven weeks, resulting in an estimated £300 million ($400 million) loss in operating profit.

The arrested suspects include three males aged 17, 19, and 19, and a 20-year-old woman. They were detained at their homes in the West Midlands and London. The NCA said they face allegations including offenses under the Computer Misuse Act, blackmail, money laundering, and involvement in organized crime. Authorities also seized their electronic devices, and the suspects are currently being questioned by the NCA’s National Cyber Crime Unit.

M&S Chairman Archie Norman revealed to lawmakers that the company had engaged with the U.S. FBI regarding the cyberattack. He suggested that loosely connected groups, possibly led by a hacking collective known as DragonForce, were behind the incidents. Norman also advocated for UK businesses to be legally mandated to report significant cyberattacks, noting that some major breaches recently went unreported.

M&S resumed online clothing orders on June 10 after a 46-day suspension, although click-and-collect services remain offline. CEO Stuart Machin expressed confidence that the company would be through the worst of the attack’s impact by August.