Slovenčina 
Čeština 
Shqiptare 
Österreich 
België 
български 
Bosanski 
Українська 
Eesti 
Македонски 
Türkçe 
Deutsch 
Dansk 
Español 
Français 
Suomi 
Ελληνικά 
Hrvatski 
Magyar 
Schweiz 
Italiano 
Lietuvių 
Latviešu 
Nederlands 
Norsk 
Polski 
Português 
Română 
Srpski 
Slovenščina 
Svenska 
The National Crime Agency conducted dawn raids across England, arresting a 20-year-old woman in Staffordshire and three males in London and the West Midlands. One suspect is from Latvia, while the others are British nationals.
M&S suffered the most severe impact, with hackers stealing massive amounts of customer and staff data before deploying ransomware that crippled IT systems.
The chairman told MPs the attack felt like “an attempt to destroy the business.”
Operations remain affected until late July, with some systems not expected to recover until November. The financial damage: £300 million in lost profits.
Co-op faced weeks of bare shelves after criminals breached their systems and stole millions of customers’ private data. The company was forced to disconnect from the internet at the last moment to prevent ransomware deployment, narrowly avoiding even worse disruption.
Harrods also came under attack but managed to limit operational impact by quickly disconnecting IT systems.
How the crime unfolded
The wave began in mid-April when M&S was first breached. Hackers sent offensive emails demanding payment to the retailer’s executives. When M&S refused, criminals escalated by targeting Co-op just days later. The attacks showed clear coordination and escalation tactics typical of organised cybercrime groups.
Co-op initially downplayed their breach until hackers contacted the BBC with proof of the attack’s severity, forcing the company to admit the full extent of the damage.
The suspects were charged under the Computer Misuse Act alongside serious financial crimes. The inclusion of blackmail and money laundering charges suggests the operation involved sophisticated payment demands and attempts to clean stolen funds. Paul Foster from the NCA’s National Cyber Crime Unit called the arrests a “significant step” but warned the investigation continues with international partners.
The case highlights how teenagers can cause hundreds of millions in damage to major corporations using ransomware and data theft techniques once reserved for state-sponsored hackers.
Based on BBC reporting
