Four young adults have been arrested in the UK, suspected of involvement in the damaging cyber attacks targeting Marks & Spencer, the Co-op, and Harrods.
The UK’s National Crime Agency (NCA) stated that the arrests took place early Thursday morning. The individuals are suspected of blackmail, money laundering, offenses relating to the Computer Misuse Act, and participation in the activities of an organised crime group.
Those arrested include a 17-year-old British male from the West Midlands, a 19-year-old Latvian male from the West Midlands, a 19-year-old British male from London, and a 20-year-old British female from Staffordshire.
All four were arrested at their home addresses and remain in custody.
Electronic devices were also seized from the properties by law enforcement.
These arrests are the result of NCA investigations into cyber attacks against the three retailers, where hackers demanded ransom payments after gaining unauthorized access to their IT systems.
M&S was the first retailer targeted, responding to the attack on Easter Sunday by shutting down a significant number of systems.
The company has indicated that the cyber attack cost the firm approximately £300m (€347.7m) due to the website being offline for six weeks.
The Co-op experienced payment disruptions and stock shortages beginning in May as a result of their cyber attack.
Hackers also compromised Co-op members’ personal data, including names and contact information.
Harrods limited internet access to its websites in May following attempts of unauthorized system access.
These arrests represent a significant advance in police investigations of these attacks, which have been linked to the Scattered Spider hacking group.
Paul Foster, Head of the NCA’s National Cyber Crime Unit, said: “Since these attacks took place, specialist NCA cybercrime investigators have been working at pace, and the investigation remains one of the agency’s highest priorities.
“Today’s arrests are a significant step in that investigation, but our work continues, alongside partners in the UK and overseas, to ensure those responsible are identified and brought to justice.
“Hopefully, this signals to future victims the importance of seeking support and engaging with law enforcement as part of the reporting process.”
This news follows comments from M&S chairman Archie Norman to MPs that two other “large British companies” have been affected by unreported cyber attacks in recent months, as he described the “traumatic” attack on his company.
An M&S spokeswoman commented: “We welcome this development and thank the NCA for its diligent work on this incident.”
