Inside the M&S and Coop Ransomware Attacks. Could CyberCyte Have Prevented the Breaches?

The recent cyberattacks on Marks & Spencer (M&S) and The Cooperative Group (Co-op) in the UK, which occurred in April and May 2025, involved sophisticated social engineering tactics and ransomware deployment, primarily linked to a hacking group known as Scattered Spider, with some reports suggesting the use of Dragon Force ransomware. This whitepaper discusses possible steps of how the attack happened, and an outline of CyberCyte’s Shadow-IT and Al capabilities that can create an early detection for such attacks.

It is also recommended to watch our three-minute video to get an insight into CyberCyte’s detection and prevention capabilities from the link at the end of whitepaper.