British Police Arrest Four People Related To Cyberattacks Against M&S, Co-op, And Harrods

JAKARTA - The UK National Crime Agency (NCA) announced the detention of four people under the age of 21 in connection with a cyberattack investigation that disrupted the operations of famous British retailers Marks & Spencer (M&S), Co-op, and Harrods.

The ransomware attack on M&S in April 2025 was the worst, forcing the company to halt online shopping services for clothing for nearly seven weeks and causing a loss of around 300 million pounds (approximately IDR 6.5 trillion) from operating profit.

The NCA stated that four suspects, three men aged 19, 19, and 17 as well as a 20-year-old woman, were detained in West Midlands and London. They are suspected of violating the Law on Computer Abuse, extortion, money laundering, and involvement in organized crimes. Detentions were carried out in their respective homes, with the confiscation of electronic devices for further investigation by the NCA National Cyber Crime Unit.

On Tuesday 8 July, M&S Chairman Archie Norman revealed to lawmakers that the company had coordinated with the US FBI regarding this cyberattack. He said the attack involved "loss-connected parties" under the alleged leadership of a group called DragonForce.

Norman also called for British companies to be legally required to report major cyberattacks, claiming that two major attacks on large UK companies were recently not reported.

M&S has again received an online order for clothing lines on June 10 after 46 days of shutdown, but the "click and take" service has not been restored. Last week, CEO Stuart Machin told investors that the worst impact of this attack is expected to be over in August.