Google says hackers that hit UK retailers now targeting American stores
The new Google logo is seen in this illustration taken May 13, 2025. (Photo: REUTERS/Dado Ruvic/Illustration)
WASHINGTON: Alphabet's Google said hackers responsible for paralysing disruptions of UK retailers are turning their attention to similar companies in the United States.
"US retailers should take note. These actors are aggressive, creative, and particularly effective at circumventing mature security programs," John Hultquist, an analyst at Google's cybersecurity arm, said in an email sent on Wednesday (May 14).
Hultquist said the culprit is a group connected with "Scattered Spider", a nickname for a loosely interconnected network of hackers of varying levels of sophistication.
Scattered Spider is widely reported to have been behind the highly disruptive hack at M&S, one of the best known British businesses, whose online operations have been frozen since Apr 25.
The Scattered Spider-connected group has a history of focusing on a single sector at a time and is likely to target retail for a while longer, Hultquist said.
Hackers from the Scattered Spider ecosystem have been behind a slew of disruptive break-ins on both sides of the Atlantic. In 2023 hackers tied to the group made headlines for hacking casino operators MGM Resorts International and Caesars Entertainment.
Law enforcement has struggled to get a handle on hackers tied to Scattered Spider, in part because of the group's amorphousness, the hackers' youth, and a lack of cooperation from cybercrime victims, Reuters has previously reported.
The FBI and the Cybersecurity and Infrastructure Security Agency, America's civilian cyber defense body, did not immediately return a message seeking comment.
Christian Beckner, a vice president with the National Retail Federation, said his members were already alert to the risk of disruptive intrusions from Scattered Spider-linked groups.
"We've been closely tracking everything going on in the UK over the past few weeks," he said. "There aren't geographic boundaries on these threats."
