Cyber attacks on M&S, Harrods, and Co-Op: What We Don’t Know, Do Know, and Should Do.

Sam Glynn2025-06-14T07:17:03+01:00May 8, 2025|Tags: cyber attack, daily, operational resilience, rep, risk management|

You’ve probably heard about the recent cyber attacks on Harrods, Co-op, and M&S.

Here’s what we don’t know, do know, and should do.

What We Don’t Know

We don’t know:

How each of these organisations has been attacked (although the rumour is it involved a human being fooled),
How much (if any) data has been stolen, and
How much the attacks and any future regulatory investigations & sanctions will cost.

That will all emerge later.

What We Do Know

We know:

They’re suffering significant operational disruption, and
Their reputations & brands may be suffering significant damage too.

What We Should Do

We should recognise that:

Cyber security incidents aren’t just painful because of the financial cost.
They’re also painful because of the operational disruption and reputational damage.

That’s why we all need to take appropriate steps now to reduce the LIKELIHOOD and IMPACT of an attack in the future.