In partnership with

Cyber Attacks Hit M&S, Co-op, and Harrods 🛍️

Hey there! 👋

The UK retailers Marks & Spencer, the Co-op, and Harrods have all been hit by cyberattacks. This is causing major disruption to their operations and raising some serious questions about cybersecurity.

Let’s dive into what’s happening and how law firms could be involved.

Don't have time for the full scoop? No worries, we've got you covered with a quick summary: click here

What's going wrong? 😕

• M&S was hit with a major cyber attack over the Easter weekend. Hackers used ransomware to lock up systems. Online orders stopped and so did Click & Collect and contactless payments. Staff couldn’t access product data or update shelves. M&S is still recovering and its market value dropped by £678m the week after.

• Co-op says it stopped an attack in April by quickly taking systems offline. But a hacker group claims to have stolen personal data of 20 million members. This includes names, phone numbers, email addresses, and dates of birth. Co-op is investigating.

• Harrods confirmed it had to restrict internet access after detecting unauthorised access attempts. Unlike M&S and Co-op, there was no confirmed breach, but the retailer still shut down systems as a precaution.

How does this impact businesses? 📊

Lost sales 💸

When M&S was hit, parts of its website stopped working. Customers couldn’t place orders. In stores, deliveries were delayed, so some items weren’t available. M&S probably lost thousands in sales during that time.

Retail runs on tight margins. Even a short disruption can mean missed targets, wasted marketing campaigns, or empty shelves. That affects profits and could damage relationships with suppliers too.

Smaller businesses take a hit too 📉

Nails Inc., a beauty brand, was launching a new product with M&S. The cyberattack messed up the schedule. The launch had to be delayed.

This shows how one company’s attack affects others. Smaller brands often rely on big retailers to reach customers. If the big retailer goes down, they lose out too. And they may not have the resources to recover quickly.

Loss of trust 💔

Retailers like Harrods and Co-op hold a lot of personal data: names, email addresses, phone numbers, and sometimes payment info. If customers think that data isn’t safe, they might stop shopping there.

Trust is hard to win and easy to lose. A single breach can damage a brand’s reputation for years, especially if people feel their personal data wasn’t protected.

How would a law firm be involved? ⚖️

• Data Breach: If personal data was accessed (like at Co-op), companies must report to the ICO within 72 hours under UK GDPR. That includes telling affected customers. Lawyers help decide what must be reported and draft the notices.

• Disputes: If the company didn’t have strong enough security systems, the ICO might start investigating. The regulator will look at whether the company followed data protection rules. If not, there could be large fines. Lawyers guide the company through this process. They help explain what went wrong and try to reduce the risk of a fine.

• Insurance: Cyber insurance may cover some of the costs of an attack. This can include things like lost business or ransom payments. But insurance claims often get tricky. The insurer might argue that the policy doesn’t apply or that the company broke the terms. Lawyers may assist in reviewing the wording of the policies and fight over what it covers.

100 Genius Side Hustle Ideas

Don't wait. Sign up for The Hustle to unlock our side hustle database. Unlike generic "start a blog" advice, we've curated 100 actual business ideas with real earning potential, startup costs, and time requirements. Join 1.5M professionals getting smarter about business daily and launch your next money-making venture.

Get the guide

🗞 Other news

Apple Shifts iPhone Production to India 📱

Apple says most iPhones sold in the US will soon be made in India, as the tech giant moves production out of China to avoid US tariffs. Vietnam will also play a key role, producing iPads, MacBooks, and more. CEO Tim Cook says the shift will take years and cost billions, but is part of a wider $500bn investment in the US. The move comes as Apple tries to dodge up to $900m in new import taxes and ease political pressure to “make in America.”

TikTok Fined €530m Over Data Transfers to China 🔐

TikTok has been hit with a €530 million ($600m) fine by Ireland’s Data Protection Commissioner for failing to safeguard EU user data. Regulators say the app allowed staff in China to access personal data without enough protection, potentially breaching EU privacy laws. TikTok plans to appeal, saying it’s tightened data access and never shared info with Chinese authorities. It’s the platform’s second major fine in Europe in under two years.

I hope you enjoyed this article. See you next week! 👋

Written by Chirag Morar