On Wednesday, Google raised concerns about hackers who have been disrupting UK retailers and might turn their attention to U.S. companies. John Hartquist, an analyst in Google’s cybersecurity division, cautioned in an email, “US retailers need to be careful. These actors are offensive and creative, and are particularly effective at circumventing mature security programs.”
The group behind these attacks is referred to as “scattered spiders,” a term used for a loosely connected network of skilled hackers operating at various levels.
Reports indicate that the scattered spiders were involved in a severe hack targeting M&S, a well-known UK retailer that has been offline since April 25th. Hartquist noted that this group typically focuses on one industry at a time, suggesting that retailers could be a primary target for an extended period.
Just a day before Google issued its warning, M&S disclosed that some customer data had been compromised, although payment methods and account passwords remained secure. The Guardian reports that the accessed information includes names, addresses, and order history. M&S admitted that personal details were accessed due to the “sophisticated nature of the incident.”
A spokesperson for M&S stated, “Today, we let customers know that some of their personal customer data have been taken due to the sophisticated nature of the incident.”
The scattered spider group has been connected to numerous high-profile hacks across the Atlantic. Notably, in 2023, they gained notoriety for breaching MGM Resort International and Caesars Entertainment.
Law enforcement agencies are finding it challenging to combat these scattered spider hacking groups, in part due to their fluid structure and a lack of cooperation from younger hackers and victims of cybercrime.
