A spate of high-profile cyber attacks on UK retailers is part of an ongoing “fraud pandemic”, according to security experts, who warn that more major incidents are inevitable.
The Co-op, Harrods and Marks and Spencer are among the companies to have already suffered crippling hacks in 2025, which have compromised the data of millions of customers and resulted in millions of pounds in lost revenue.
“These attacks are not just serious data breaches, but have rapidly evolved into operational nightmares which cause severe long-term financial and reputational setbacks,” Vivek Dodd, CEO of security and compliance training provider Skillcast, told The Independent.
“With this fraud pandemic exposing just how vulnerable many businesses are, particularly those relying on outdated processes or inconsistent training, it is putting pressure on already-stretched IT systems and is leaving customer data dangerously vulnerable.”
A recent report from Skillcast found that a “significant portion” of professionals “regularly fail basic security steps”, suggesting that staff are unprepared to handle cyber threats.
The series of attacks is part of a “blood in the water” effect, according to Anthony Lloyd, the principal cyber technologist at data protection firm tmc3.
He told The Independent that the success of certain hacking methods on these retailers has emboldened cyber criminals and enticed more to carry out attacks.
“They are launching copycat attacks against other organisations within the same sector, assuming they have similar vulnerabilities,” Mr Lloyd said.
“It’s less about a sudden surge in sophistication, and more about attackers focusing on a sector they perceive as having both soft defences and high-value customer data.
“There is also the issue of constant tension between security and customer experience; to keep online shopping slick and easy, retailers ignore multi-factor authorisation (MFA) as it means an extra hassle for customers logging in. Attackers know this, and they go for it.”
Mr Lloyd also called for a complete culture change when it comes to security training within large organisations in order to protect their customers and safeguard the space.
Other experts have warned that the recent spate of attacks could be a prelude to far more devastating ones that have the potential to be not just disruptive, but deadly.
“The threat of a large-scale attack on critical infrastructure is no longer hypothetical,” Spencer Starkey, an executive at cyber security firm SonicWall, told The Independent last month.
“The techniques used in recent retail and legal breaches – identity compromise, ransomware, lateral movement – are exactly the kinds of methods that could disrupt healthcare, utilities, or government systems.
“While we haven’t yet seen a ‘black swan’ cyber event at scale in the UK, the trajectory of these attacks suggests that it’s a matter of when, not if, unless we accelerate systemic readiness and resilience across sectors.”