M&S and Co-op customers warned over common task after 20 million members targeted

Major cyberattacks targeting two popular UK retailers have sparked widespread chaos in recent weeks. It is believed hackers, said to be part of a criminal group nicknamed 'DragonForce', posed as employees to gain access to the firms' network.

The assault resulted in the Co-operative and Marks & Spencer scrambling to keep up with online orders and stock availability, with some stores only being able to operate on a cash-only basis. Confused customers flocked to social media, showing how swathes of shelves had been left empty, while warning signs on meal deal availability had also been erected in certain stores.

"As part of our proactive management of a cyber incident, we have made the decision to pause taking orders via our M&S.com websites and apps," M&S stated on April 25. "Our product range remains available to browse online. We are truly sorry for this inconvenience. Our stores are open to welcome customers."

On May 2, a spokesperson for the Co-op revealed it was continuing to experience 'sustained malicious attempts by hackers to access' their systems. "This is a highly complex situation, which we continue to investigate in conjunction with the NCSC and the NCA," it added.

"We have implemented measures to ensure that we prevent unauthorised access to our systems whilst minimising disruption for our members, customers, colleagues and partners. As a result of ongoing forensic investigations, we now know that the hackers were able to access and extract data from one of our systems."

It is widely reported that hackers managed to access data from 20 million past and current members of the Co-operative, while Marks & Spencer - which saw its shares tank - has yet to disclose whether personal data was stolen at all. The Co-op has reassured customers that the stolen data only includes names and contact details - and not passwords or financial information.

Experts say the series of cyberattacks expose the retail sector's 'critical vulnerability' and have been described as a 'wake up call' by Cabinet minister Pat McFadden, as he announced a boost in cybersecurity investment. "What we have seen over the past couple of weeks should serve as a wake-up call for businesses and organisations up and down the UK, as if we needed one, that cybersecurity is not a luxury but an absolute necessity," he added.

WHATSAPP GROUP : Get money news and top deals straight to your phone by joining our Money WhatsApp group here. We also treat our community members to special offers, promotions, and adverts from us and our partners. If you don’t like our community, you can check out any time you like. If you’re curious, you can read our Privacy Notice.

NEWSLETTER : Or sign up to the Mirror's Money newsletter here for all the best advice and shopping deals straight to your inbox.

If you're concerned about ransomware attacks, consumer brand Which? has warned against one common task you may not normally think twice about. "Don't download attachments you haven't been expecting or click on links that are trying to persuade you to give away personal details," the brand said. "You can always contact a company directly if you want to check if a message is genuine."

The publication also advised only downloading software/apps from a 'trusted source' and making sure you look for 'reputable software manufacturers when deciding what to download'. Updating your PC to the latest software will also help keep your security protection.

"Windows 10 and 11 allow you to turn on a setting that protects folders from unauthorised programs such as ransomware," Which? explained. "To turn it on, open the Windows Security app (select the shield icon from your Taskbar – if you can't see it, click Show hidden icons, which looks like ^). Scroll down, select Ransomware protection and click Controlled folder access to turn it on."

Do you have a story to share? Email us at [email protected] for a chance to be featured.