Four individuals have been arrested in the United Kingdom as part of an investigation into the recent cyberattacks targeting major retailers, the country’s National Crime Agency (NCA) announced.
The suspects are a 20-year-old woman and three males, two aged 19 and one aged 17. They were arrested in the West Midlands and London in the morning of July 10 at their homes.
They are suspected of hacking, blackmail, money laundering, and participation in an organized crime group.
Police seized their electronic devices and the suspects remain in custody for questioning.
The four are believed to have been involved in the recent cyberattacks on retailers Marks & Spencer (M&S), Co-op, and Harrods.
A ransomware group calling itself DragonForce took credit for the attacks and the cybersecurity industry has linked the hacks to the notorious cybercrime group named Scattered Spider. The hackers were later spotted targeting US retailers as well.
Law enforcement agencies around the world have been stepping up their efforts against the cybercrime group. The US charged and arrested several alleged members in late 2024, and one individual has pleaded guilty, but attacks have since continued.
A 22-year-old man from the United Kingdom was arrested last month in Spain over his alleged leadership role in the Scattered Spider group, but the security industry has since continued issuing warnings.
Whether the recent arrests of alleged Scattered Spider members will have an impact on the group’s activities remains to be seen. However, Charles Carmakal, CTO of Google Cloud’s Mandiant Consulting unit, is optimistic.
“The arrests of alleged Scattered Spider members is a significant win in the ongoing fight against this collective,” Carmakal told SecurityWeek. “Their aggressive social engineering tactics and relentless pursuit of access have proven particularly challenging for many defenders, and resulted in considerable damage to organizations in the UK and US.”
“This action by law enforcement underscores the critical importance of international collaboration in combating cybercrime. Previous arrests have impacted their operations, causing a significant lull in activity. This is a critical window for organizations to fortify their defenses against this collective,” he added.
*updated with comments from Mandiant
Related: Hawaiian Airlines Hacked as Aviation Sector Warned of Scattered Spider Attacks
Related: Alleged Chinese State Hacker Wanted by US Arrested in Italy
Related: British Man Suspected of Being the Hacker IntelBroker Arrested, Charged
