British Retailer Warns of “Aggressive” Hackers Targeting US Stores and Google | Technology News

Google, a subsidiary of Alphabet, issued a warning on Wednesday, indicating that hackers responsible for disrupting UK retailers are now focused on similar companies in the U.S.

“U.S. retailers need to remain vigilant. These actors are offensive and innovative, particularly skilled at bypassing established security measures,” stated John Hartquist, an analyst in Google’s cybersecurity team, in an email sent Wednesday.

The culprits have identified themselves as part of a group known as “scattered spiders,” which refers to a loosely connected network of highly skilled hackers operating at various levels.

The scattered spiders have been linked to a notably severe cyberattack on M&S, a prominent name in UK retail, which has been unable to conduct online business since April 25th. Hultquist mentioned that this group tends to fixate on one sector at a time and is expected to target retailers for an extended period.

Just a day prior to Google’s alert, M&S revealed that some customer data had been compromised, excluding payment information, card details, or account passwords. Sources indicate that the data may include names, addresses, and order history. M&S acknowledged that personal information was accessed due to the “sophisticated nature of the incident.”

“Today, we are informing customers that some of their personal data have been acquired due to the sophisticated nature of the incident,” the company stated.

Hackers from the scattered spider network have been linked to numerous damaging breaches on both sides of the Atlantic. In 2023, group-associated hackers made headlines for infiltrating casino operators MGM Resort International and Caesars Entertainment.

Law enforcement agencies are struggling to manage the scattered spider hacking groups. This challenge is partly attributed to their fluid structure, uncooperative younger hackers, and the complexities faced by cybercrime victims.