Overview

• Google has issued a warning that the group responsible for paralyzing UK retailers, including Marks & Spencer, is now targeting US retail companies.
• The hacking collective, known as Scattered Spider, employs advanced social engineering tactics to bypass robust security measures.
• Marks & Spencer confirmed a ransomware attack on April 25 that froze its online operations and exposed customer names, addresses, and order histories.
• The UK National Cyber Security Centre has urged businesses to treat these attacks as a 'wake-up call,' though no single actor has been definitively identified.
• Scattered Spider has a history of disrupting major organizations, including 2023 breaches of MGM Resorts and Caesars Entertainment, and is expected to continue targeting the retail sector.