Business

Cyberattacks on M&S and Adidas expose supply chain vulnerabilities and intensify calls for retail cybersecurity reform

Sunday, 1 June 2025 5:50AM UTC

Recent sophisticated cyberattacks targeting Marks & Spencer and Adidas have revealed critical weaknesses in the UK retail supply chain, prompting urgent investigations and sparking industry-wide demands for stronger cybersecurity measures amid rising threats from groups like Scattered Spider.

Recent cyberattacks on major UK retailers, particularly Marks & Spencer (M&S) and Adidas, have illuminated vulnerabilities in the retail sector, revealing how quickly such incidents can disrupt entire supply chains. The situation is particularly troubling as hackers continue to employ sophisticated methods to infiltrate corporate systems, putting consumer data and business operations at serious risk.

M&S recently confirmed that a third-party vendor was the gateway for a significant cyberattack, leading to serious operational disruptions. This incident is linked to the notorious hacking group, Scattered Spider, known for its adept use of social engineering tactics to breach corporate security. As reported, this breach has already resulted in considerable financial losses, forcing M&S to engage in an internal investigation with Tata Consultancy Services, which has been contracted for over a decade. The investigation aims to determine how the incident occurred and is expected to conclude shortly.

Adidas faced a separate cyber incident which raised alarm bells across the sector. The company reported that an unauthorised external party compromised customer data via a third-party customer service provider. Notably, although the stolen data did not include payment-related information, Adidas described the breach as a serious concern. The brand has initiated a comprehensive investigation and is taking steps to inform affected customers while liaising with appropriate authorities. In a statement, Adidas expressed regret for any distress caused, reinforcing its commitment to consumer privacy and security.

The implications of these incidents extend beyond the individual companies involved. Chris Clowes, Executive Director at SCALA, remarked that disruptions stemming from cyberattacks can rapidly ripple through a business's entire supply chain, resulting in stalled deliveries and diminished stock visibility. In a landscape already strained by geopolitical tensions and climate-related events, such vulnerabilities underscore the urgent need for enhanced cybersecurity measures across the industry.

Moreover, recent trends indicate a surge in cyberattacks targeting major UK retailers, with reports suggesting a coordinated effort by groups like Scattered Spider. This uptick highlights the pressing necessity for companies to build cyber resilience and proactively safeguard their operations, particularly when relying on third-party vendors. The ongoing investigation into the M&S breach and similar incidents prompts a reevaluation of existing cybersecurity frameworks across the retail sector.

As the retail industry faces these mounting challenges, recent events could serve as a catalyst for a broader discussion on best practices in cybersecurity, emphasizing the need for comprehensive strategies to protect not only proprietary information but also consumer trust. In an environment where trust can be easily eroded, proactive measures and robust cybersecurity protocols are no longer optional but imperative for sustaining operational integrity and customer loyalty in the digital age.

The resonance of these incidents also extends to industry gatherings, such as the upcoming Snappy Summit, where leading figures in retail will convene to discuss the evolving landscape of quick commerce. Insights from industry veterans, like Justin King, will undoubtedly touch on these pressing issues, as retailers seek guidance on navigating both innovation and security in 2025 and beyond.

Reference Map:

Paragraph 1 – ^[1], ^[4]
Paragraph 2 – ^[1], ^[2], ^[5]
Paragraph 3 – ^[3], ^[6]

Source: Noah Wire Services

More on this

https://retailtechinnovationhub.com/home/2025/6/1/marks-and-spencer-and-adidas-under-attack-rtihs-rounds-up-its-most-read-articles-from-last-week - Please view link - unable to able to access data
https://www.ft.com/content/6d47ef31-ed80-41cf-a2bd-d0e02a280e22 - This article delves into the activities of Scattered Spider, a notorious hacking group responsible for the recent cyberattack on Marks & Spencer (M&S). The group employs advanced social engineering tactics to infiltrate corporate systems, leading to significant financial losses for M&S. The piece also highlights the group's history of targeting major corporations and their collaboration with other cybercriminals, underscoring the evolving nature of cyber threats in the retail sector.
https://www.ft.com/content/c9bd0a6a-eedf-4c98-8e2d-8deffd851761 - This article examines the broader implications of the M&S cyberattack, emphasizing the increasing vulnerability of businesses to cyber threats. It discusses the challenges companies face in securing their systems, especially when relying on third-party vendors. The piece also highlights the importance of building cyber resilience and the need for businesses to adopt proactive measures to mitigate potential disruptions.
https://www.ft.com/content/5444d2e4-e258-45d2-8ca9-7927e502e3b9 - This article explores the recent surge in cyberattacks targeting major UK retailers, including M&S, the Co-op, and Harrods. It discusses the potential coordinated efforts behind these attacks and the role of groups like Scattered Spider. The piece also highlights the need for businesses to take cybersecurity seriously and the potential consequences of such breaches on customer trust and operational stability.
https://www.bleepingcomputer.com/news/security/marks-and-spencer-breach-linked-to-scatte... - This article provides an in-depth analysis of the M&S cyberattack, linking it to the Scattered Spider hacking group. It details the methods used by the attackers, including the deployment of the DragonForce encryptor. The piece also discusses the ongoing investigation and the steps M&S is taking to address the breach and prevent future incidents.
https://www.helpnetsecurity.com/2025/04/29/marks-spencer-ransomware-breach-incident/ - This article reports on the M&S cyber incident, confirming it as a ransomware attack attributed to the Scattered Spider group. It outlines the effects of the attack on M&S's operations and the company's response, including engaging external cybersecurity experts and notifying authorities. The piece also discusses the broader implications of such attacks on the retail sector.
https://www.theguardian.com/business/2025/may/03/inside-the-marks-and-spencer-cyber-attack-chaos - This article provides an inside look into the chaos caused by the M&S cyberattack, detailing the operational disruptions and financial losses faced by the company. It discusses the potential involvement of the Scattered Spider group and the broader impact of such cyber incidents on the retail industry. The piece also highlights the importance of robust cybersecurity measures and the need for businesses to be prepared for such threats.

Noah Fact Check Pro

The draft above was created using the information available at the time the story first emerged. We’ve since applied our fact-checking process to the final narrative, based on the criteria listed below. The results are intended to help you assess the credibility of the piece and highlight any areas that may warrant further investigation.

Freshness check

Score: 6

Notes: The narrative references recent cyberattacks on Marks & Spencer (M&S) and Adidas, with specific dates and details. The earliest known publication date of similar content is April 28, 2025, when BleepingComputer reported on the M&S breach linked to Scattered Spider. ([bleepingcomputer.com](https://www.bleepingcomputer.com/news/security/marks-and-spencer-breach-linked-to-scattered-spider-ransomware-attack/?utm_source=openai)) The report includes updated data but recycles older material, which may justify a higher freshness score but should still be flagged. Additionally, the narrative includes a reference to a press release, which typically warrants a high freshness score. ([theguardian.com](https://www.theguardian.com/business/2025/apr/30/marks-and-spencer-cyber-attack-products-run-short-in-some-stores?utm_source=openai)) However, the inclusion of recycled content and the reliance on a press release suggest a moderate freshness score. The narrative also mentions that the article rounds up the most-read articles from last week, indicating that the content is a compilation of previously published material. This further supports the moderate freshness score. ([theguardian.com](https://www.theguardian.com/business/2025/apr/30/marks-and-spencer-cyber-attack-products-run-short-in-some-stores?utm_source=openai))

Quotes check

Score: 7

Notes: The narrative includes direct quotes from Chris Clowes, Executive Director at SCALA, and statements from M&S and Adidas. The earliest known usage of these quotes is in the Financial Times article published on May 19, 2025. ([reuters.com](https://www.reuters.com/business/retail-consumer/ms-slow-recovery-cyberattack-puts-it-risk-lasting-damage-2025-05-19/?utm_source=openai)) The quotes are consistent with those found in earlier material, indicating that they have been reused. This suggests that the content may not be entirely original. ([reuters.com](https://www.reuters.com/business/retail-consumer/ms-slow-recovery-cyberattack-puts-it-risk-lasting-damage-2025-05-19/?utm_source=openai))

Source reliability

Score: 8

Notes: The narrative originates from the Retail Technology Innovation Hub (RTIH), a reputable organisation known for its coverage of retail technology news. The Financial Times and Reuters, both reputable organisations, are cited within the narrative. This strengthens the reliability of the information presented. ([reuters.com](https://www.reuters.com/business/retail-consumer/ms-slow-recovery-cyberattack-puts-it-risk-lasting-damage-2025-05-19/?utm_source=openai))

Plausability check

Score: 7

Notes: The narrative discusses recent cyberattacks on M&S and Adidas, attributing them to the hacking group Scattered Spider. These incidents have been widely reported, with details aligning with other reputable sources. The inclusion of specific figures, such as the £300 million loss in operating profits for M&S, is consistent with reports from the Financial Times. ([ft.com](https://www.ft.com/content/6d47ef31-ed80-41cf-a2bd-d0e02a280e22?utm_source=openai)) The tone and language used are appropriate for the subject matter and region, and the structure is coherent. There is no excessive or off-topic detail, and the narrative does not exhibit unusual drama or vagueness. ([ft.com](https://www.ft.com/content/6d47ef31-ed80-41cf-a2bd-d0e02a280e22?utm_source=openai))

Overall assessment

Verdict (FAIL, OPEN, PASS): OPEN

Confidence (LOW, MEDIUM, HIGH): MEDIUM

Summary: The narrative provides a summary of recent cyberattacks on M&S and Adidas, referencing reputable sources and including direct quotes. However, the reliance on recycled content and the inclusion of previously used quotes suggest that the content may not be entirely original. The freshness score is moderate due to the recycling of older material and the inclusion of a press release. The source reliability is strong, and the plausibility of the claims is supported by other reputable outlets. Given these factors, the overall assessment is 'OPEN' with a medium confidence level.

Cybersecurity
Retail industry
Supply chain
Marks & Spencer
Adidas
Scattered Spider
Data breach