TL;DR
In 2025, UK cyber attacks have intensified dramatically and we have seen a wave of high-profile cyber attacks in the UK. From M&S and Co-op to platforms like Mailchimp and HubSpot, major businesses have been hit by phishing, supply chain compromise, and social engineering. This article outlines the top incidents so far, how attackers are gaining access, and what SME leaders can learn to strengthen their cyber defences.
*Check out our special attack brief we sent to our clients as soon as the attacks occurred – Special Attack Brief Edition: M&S, Co-op and Harrods Cyber Breach – Dial A Geek
Why Are UK Businesses Under Attack in 2025?
Cyber threats are evolving rapidly. Attacks are increasingly:
- Powered by AI tools
- Delivered through believable emails
- Targeting third-party vendors instead of just your systems
And the consequences are no longer just IT-related. Due to UK cyber attacks in 2025, Businesses are facing reputational fallout, financial losses, and legal obligations.
The Impact of UK Cyber Attacks in 2025
- Online operations disrupted
- Retail transactions blocked
- Customer data stolen
- Public trust damaged
The five incidents below highlight where weaknesses were exposed and what the response looked like.
1. Marks & Spencer: Social Engineering Breach
Timeline: April–May 2025
Suspected groups: Scattered Spider, DragonForce
What happened:
- Online orders and gift card systems failed
- Delivery processes were interrupted
- Customer data was accessed via targeted phishing emails
Takeaway: Even strong cybersecurity systems can be bypassed by a convincing email. Human error remains one of the most common entry points.
2. Co-op: Supply Chain Chaos in 2,300 Stores
Timeline: May 2025
What happened:
- Stock delivery systems failed
- Point-of-sale operations went offline
- Widespread disruption in-store and behind the scenes
Takeaway: An IT issue quickly becomes a business continuity problem. Contingency planning must cover logistics and customer experience, not just technical recovery.
3. Email Platform Breaches: Widespread Third-Party Risk
Timeline: April 2025
Platforms affected: Mailchimp, HubSpot, SendGrid, Mailgun, Zoho
What happened:
Hackers used phishing to compromise backend systems and sent fraudulent messages pretending to be invoices or alerts. Thousands of UK businesses and customers were affected.
Takeaway: You may not be the direct target, but your vendors can expose you. Vet your providers and understand their security protocols.
4. Hertz: Limited Disclosure, Global Impact
Timeline: April 2025
What happened:
- Confirmed breach with UK customer exposure
- No clear details or timeline provided
Takeaway: If you suffer a breach, delayed communication only increases reputational damage. Your crisis response should include ready-to-deploy public messaging.
5. The January Leak: 18.8 Million Records, Unknown Victim
Timeline: January 2025
Attacker alias: “b0nd”
What happened:
- Nearly 19 million records allegedly stolen
- Company not identified
- Attack largely unnoticed in mainstream media
Takeaway: Not all incidents are public. Without regular audits, a business could be compromised and not even know it.
How Are These Attacks Happening?
Attackers are combining old techniques with new capabilities:
- Phishing, often generated by AI and personalised to employees
- Ransomware, still effective and now paired with public threats
- Social engineering, used to gain initial access
- Supply chain attacks, exploiting vendors to reach you
Groups like Scattered Spider and DragonForce are executing blended attacks using both technology and psychology.
2025 in Numbers
- More than 8.5 million cybercrimes reported in the UK so far
- Nearly 50% of UK businesses have suffered at least one cyber attack
- Retail, logistics, and digital-first organisations are hardest hit
What Should Businesses Be Doing Right Now?
The lessons from 2025 are clear. Here’s how to apply them
- Test your backups regularly. Verify they work and are kept offline.
- Train your staff. Your team is your first and last line of defence.
- Review vendor security. Supply chain risk is real and growing.
- Create a response plan. Be ready to communicate clearly and quickly.
Additional Resources;
Final Thoughts: What This Means for SMEs
UK cyber attacks 2025 are attacking household names with full IT departments. Smaller businesses need to assume they’re targets too.
Not sure where to begin? Start with our Cyber Incident Response guide for SMEs.
You can’t count on avoiding trouble. But you can prepare for it.
At Dial A Geek, we help businesses like yours build stronger cyber defences, prepare response strategies, and stay one step ahead of evolving threats.
We’ve already helped more than 1,000 businesses across Bristol and the UK do just that. Ready to protect yours?
Call 0117 369 4335 or book a chat with Gildas below now.