The National Cyber Security Centre (NCSC) has issued a warning following recent cyber attacks targeting major retailers including Marks & Spencer, Co-op, and Harrods. Criminal hackers have reportedly impersonated IT help desks to infiltrate company systems, a tactic known as social engineering. The NCSC urges organisations to review their password reset procedures and authentication processes, especially for senior staff with high-level access. Cybersecurity experts advise using multi-layered verification methods, including codewords, to prevent breaches. Although an anonymous group claiming responsibility, calling themselves DragonForce, denies links to the notorious Scattered Spider hacking collective, the methods used are strikingly similar. These hackers have previously carried out high-profile attacks, including on Las Vegas casinos. The NCSC emphasises vigilance against risky logins and unusual account activity. Law enforcement is investigating, with ongoing efforts to confirm links between recent attacks. The Co-op has admitted customer data was compromised, while M\&S’s breach is under investigation. Businesses are reminded to bolster security, as this wave of attacks highlights the evolving threat landscape in today’s digital world.