Retail Security | Breaking Cybersecurity News | The Hacker News

The U.K. National Crime Agency (NCA) on Thursday announced that four people have been arrested in connection with cyber attacks targeting major retailers Marks & Spencer, Co-op, and Harrods. The arrested individuals include two men aged 19, a third aged 17, and a 20-year-old woman. They were apprehended in the West Midlands and London on suspicion of Computer Misuse Act offenses, blackmail, money laundering, and participating in the activities of an organized crime group. All four suspects were arrested from their homes and their electronic devices have been seized for further forensic analysis. Their names were not disclosed. "Since these attacks took place, specialist NCA cybercrime investigators have been working at pace and the investigation remains one of the Agency's highest priorities," Deputy Director Paul Foster, head of the NCA's National Cyber Crime Unit, said in a statement. "Today's arrests are a significant step in that investigation ...

From overprivileged admin roles to long-forgotten vendor tokens, these attackers are slipping through the cracks of trust and access. Here's how five retail breaches unfolded, and what they reveal about... In recent months, major retailers like Adidas, The North Face, Dior, Victoria's Secret, Cartier, Marks & Spencer, and Co‑op have all been breached. These attacks weren't sophisticated malware or zero-day exploits. They were identity-driven, exploiting overprivileged access and unmonitored service accounts, and used the human layer through tactics like social engineering. Attackers didn't need to break in. They logged in. They moved through SaaS apps unnoticed, often using real credentials and legitimate sessions. And while most retailers didn't share all the technical details, the patterns are clear and recurring.  Here's a breakdown of the five recent high-profile breaches in retail: 1. Adidas: Exploiting third-party trust Adidas confirmed a data breach caused by an ...