M&S hackers suspects in Legal Aid Agency cyber-attack

Eloise Hill
M&S
GroceryNewsTechnology

The hacking group behind the M&S cyber attack has been linked to a cyber-attack on Britain’s legal aid system.

The Scattered Spider group, which carried out a series of cyber-attacks on various British retailers earlier in the year, is thought to be working with another group named the Shiny Hunters which has acknowledged responsibility for the Legal Aid Agency hack, The Telegraph reported.

Professor Alan Woodward, a cybersecurity expert from the University of Surrey,  said a recent “convergence of tactics” between the two groups suggested that Scattered Spider and the Shiny Hunters had likely formed one group which was now working to launch cyber-attacks.

He explained that the collaboration involved Scattered Spider launching the initial stages of attacks where they infiltrated online systems before the Shiny Hunters worked to steal data which could be held to ransom or sold online.

“Scattered Spider often manages to get in, and then the Shiny Hunters are the ones that steal the data and effectively hold it to ransom,” he said.

Related Story

Director at cybersecurity firm ReliaQuest also noted: “Rather than it being a formal partnership, they instead work opportunistically.

“Whilst we don’t know for sure who is behind them, recent arrests in the US and UK indicate that Scattered Spider is predominantly made up of English speakers, whereas Shiny Hunters is more global.”

It comes after the Government initially disclosed a cyber-attack on the Legal Aid Agency in April. It now believes that the hackers involved were able to steal personal data from hundreds of thousands of people who applied for legal aid from 2007 to 2025.

M&S was hit with a cyber-attack earlier this year, with the retailer initially issuing an apology after customers across the UK were left unable to use contactless payments or click-and-collect services over the Bank holiday weekend in April.

Last month, it was reported that the brand was still grappling with the fallout from the attack, with several of its internal IT systems yet to fully recover.

Click here to sign up to Retail Gazette‘s free daily email newsletter

GroceryNewsTechnology

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.

GroceryNewsTechnology
Eloise Hill

Share:

M&S hackers suspects in Legal Aid Agency cyber-attack

M&S

Social

LinkedIn
RSS


SUBSCRIBE TO OUR DAILY NEWSLETTER

  • This field is for validation purposes and should be left unchanged.

Most Read

The hacking group behind the M&S cyber attack has been linked to a cyber-attack on Britain’s legal aid system.

The Scattered Spider group, which carried out a series of cyber-attacks on various British retailers earlier in the year, is thought to be working with another group named the Shiny Hunters which has acknowledged responsibility for the Legal Aid Agency hack, The Telegraph reported.

Professor Alan Woodward, a cybersecurity expert from the University of Surrey,  said a recent “convergence of tactics” between the two groups suggested that Scattered Spider and the Shiny Hunters had likely formed one group which was now working to launch cyber-attacks.

He explained that the collaboration involved Scattered Spider launching the initial stages of attacks where they infiltrated online systems before the Shiny Hunters worked to steal data which could be held to ransom or sold online.

“Scattered Spider often manages to get in, and then the Shiny Hunters are the ones that steal the data and effectively hold it to ransom,” he said.

Related Story

Director at cybersecurity firm ReliaQuest also noted: “Rather than it being a formal partnership, they instead work opportunistically.

“Whilst we don’t know for sure who is behind them, recent arrests in the US and UK indicate that Scattered Spider is predominantly made up of English speakers, whereas Shiny Hunters is more global.”

It comes after the Government initially disclosed a cyber-attack on the Legal Aid Agency in April. It now believes that the hackers involved were able to steal personal data from hundreds of thousands of people who applied for legal aid from 2007 to 2025.

M&S was hit with a cyber-attack earlier this year, with the retailer initially issuing an apology after customers across the UK were left unable to use contactless payments or click-and-collect services over the Bank holiday weekend in April.

Last month, it was reported that the brand was still grappling with the fallout from the attack, with several of its internal IT systems yet to fully recover.

Click here to sign up to Retail Gazette‘s free daily email newsletter

GroceryNewsTechnology

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.

RELATED STORIES

Most Read

Latest Feature


Menu


Close popup

Please enter the verification code sent to your email: