Another Two Big Names Fall Victim to Cyber Attacks: Could Your Business Be Next?

In April 2025, Marks & Spencer (M&S) and the Co-op became the latest high-profile victims of a major cyberattack—underscoring the growing sophistication of cybercriminals and the escalating risks faced by businesses of all sizes.

This wasn't a simple breach. It was a coordinated, systemic cyber event, now classified as a “Category 2” incident by the UK's Cyber Monitoring Centre (CMC)—the second most severe level of cyber threat.

The damage? Severe. The warning to other businesses? Loud and clear.

What Happened?

The attack was attributed to "Scattered Spider" (UNC3944)—a highly advanced cybercrime group known for social engineering tactics that trick employees into handing over access credentials.

In this case, attackers impersonated IT staff, targeting help desk functions to infiltrate internal systems across both retail giants.

Key Fallout:

  • M&S suffered six weeks of disruption to its online shopping platform—customers could browse, but not buy.
  • Estimated £300 million hit to M&S's operating profits.
  • Combined financial impact across M&S and Co-op is estimated between £270 million and £440 million.
  • Significant knock-on effects on suppliers and service providers tied to their networks.

The attack's “narrow and deep” nature meant that while it didn't spread widely, it devastated core systems—raising red flags across the UK retail and insurance sectors.

Why This Matters to Every Business

If cybercriminals can breach multi-billion-pound companies with dedicated IT teams, no business is immune. What's more worrying is the method—social engineering, where the weakest link isn't software, but human behaviour.

The reality is:

Many businesses underestimate their cyber risk.

Cyber incidents are no longer isolated IT problems—they impact revenue, reputation, and even legal liability.

The cost of a breach extends far beyond immediate recovery—it can threaten the future of your business.

How Cyber Insurance Can Protect You

At LBH Insurance, we offer specialist Cyber Insurance that helps shield your business from the financial fallout of a cyberattack.

Our policies can cover:

  • Business interruption losses
  • Data breach response and customer notification
  • Legal defence and regulatory fines
  • Ransomware payments and negotiation support
  • Reputational damage control

Whether you're an SME or a growing retail operation, protecting your digital assets is no longer optional.

Don't Wait Until It's Too Late

Cybercrime is evolving—and fast. If large corporations with vast resources are vulnerable, what would a similar attack mean for your business?

Stay one step ahead—make cyber protection a priority.

Call us on 01702 347889 for a no-obligation, competitive quote—and peace of mind that your cover reflects both your risk and your reputation or email enquiries@lbhinsurance.co.uk.