Qantas Cyber Attack Linked to ShinyHunters and Scattered Spider Qantas recently confirmed that it was targeted in a cyber attack that compromised the personal data of millions of its customers. Initial assessments from cybersecurity experts indicated that the attack might have been executed by the Scattered Spider hacking collective. However,…
“Scattered Spider Linked to Cyberattacks on M&S and Co-op, Resulting in Up to $592M in Damages”
June 21, 2025
Cyber Attack / Critical Infrastructure
The April 2025 cyberattacks on U.K. retailers Marks & Spencer and Co-op have been deemed a “single combined cyber event” by the Cyber Monitoring Centre (CMC), an independent non-profit organization established by the insurance industry to assess significant cyber incidents. The CMC noted, “Given that one threat actor claimed responsibility for both M&S and Co-op, along with their close timing and the similar tactics, techniques, and procedures (TTPs), we have classified these incidents as a single combined cyber event.” These disruptions have been categorized as a “Category 2 systemic event,” with estimated financial repercussions ranging from £270 million ($363 million) to £440 million ($592 million). However, the cyberattack on Harrods, occurring around the same period, has not been included due to insufficient information regarding its cause.
Scattered Spider Linked to Cyberattacks on M&S and Co-op, Resulting in Significant Financial Losses In April 2025, the U.K. retailers Marks & Spencer (M&S) and Co-op fell victim to a series of coordinated cyberattacks, now recognized as a “single combined cyber event” by the Cyber Monitoring Centre (CMC). This independent,…
“Scattered Spider Linked to Cyberattacks on M&S and Co-op, Resulting in Up to $592M in Damages”
June 21, 2025
Cyber Attack / Critical Infrastructure
The April 2025 cyberattacks on U.K. retailers Marks & Spencer and Co-op have been deemed a “single combined cyber event” by the Cyber Monitoring Centre (CMC), an independent non-profit organization established by the insurance industry to assess significant cyber incidents. The CMC noted, “Given that one threat actor claimed responsibility for both M&S and Co-op, along with their close timing and the similar tactics, techniques, and procedures (TTPs), we have classified these incidents as a single combined cyber event.” These disruptions have been categorized as a “Category 2 systemic event,” with estimated financial repercussions ranging from £270 million ($363 million) to £440 million ($592 million). However, the cyberattack on Harrods, occurring around the same period, has not been included due to insufficient information regarding its cause.
In mid-2025, the Google Threat Intelligence Group (GTIG) unveiled a significant cyber threat stemming from a highly coordinated campaign linked to a financially motivated hacking collective known as Scattered Spider, also referred to as 0ktapus and UNC3944. This group has a history of targeting major industries, including retail, airlines, and…
Allianz Life has recently disclosed that a significant data breach has compromised the personal information of 1.4 million customers. The security incident was detected on July 16, 2025, prompting immediate communication to the Maine Attorney General the subsequent day. The insurance company stated that a “majority” of its customer base…
Allianz Life Insurance Company of North America has reported a significant data breach affecting personal information of approximately 1.4 million customers across the United States. The breach, identified on July 17, had its origins traced to a prior incident on July 16. The unauthorized access was linked to a compromise…
Fraud Management & Cybercrime, Social Engineering Hacking Tactics Linked to Retail and Airline Breaches Akshaya Asokan (asokan_akshaya) • July 25, 2025 Image: Shutterstock A group of adolescent cybercriminals known as Scattered Spider has recently targeted VMware hypervisors, successfully infiltrating corporate environments through Active Directory. This emerging threat landscape has led…
Cybercrime, Fraud Management & Cybercrime, Incident & Breach Response Clorox Takes Legal Action Against IT Vendor Over Security Breach Anviksha More (AnvikshaMore) • July 24, 2025 Image: Shutterstock/ISMG Information Security Media Group reports on significant cybersecurity incidents each week. Recently, Ukrainian authorities arrested a suspected admin of the Russian-speaking cybercrime…
Cybercrime, Fraud Management & Cybercrime, Incident & Breach Response Also: Clorox Suing IT Vendor Over Password Incident Anviksha More (@AnvikshaMore) • July 24, 2025 Image: Shutterstock/ISMG Information Security Media Group provides a weekly summary of cyber incidents globally. This week, authorities arrested the suspected admin of the XSS cybercrime forum…
In early July 2025, Qantas, the Australian airline, announced one of the most significant data breaches in its history, revealing that a cyberattack had compromised the personal information of approximately six million customers. The breach occurred through unauthorized access to a third-party call center platform utilized by Qantas, leading to…
