“Early detection of supply chain vulnerabilities is vital to minimising the impact of such breaches.
“These events are highly disruptive and stressful for everyone involved in restoring systems and resuming operations. They serve as a further reminder to reassess your IT resilience.
“While third-party vendors are essential to supply chain efficiency, it’s important to ask the following questions: Do they have the right security controls in place? Can you detect system infiltration early enough to contain the damage? Are your incident response plans ready to activate and restore business continuity at speed?
“With its complex global networks, the automotive industry remains a high-value target for cyberattacks.
“Continued investment in third-party risk and resilience audits, real-time monitoring and rapid response strategies is essential to contain threats and recover swiftly, ensuring operational integrity and customer trust.”
The rise in cyber attacks on household names
In 2025 alone, there has been a sharp increase in cyber attacks targeting major household brands, exposing the vulnerabilities of even well-established companies with significant resources.
Aforementioned retail giants such as M&S, Co-op and Harrods, as well as Adidas and Pandora, have all faced disruptive cyber incidents, ranging from ransomware deployments to unauthorised system access, leading to operational paralysis, significant data breaches and considerable financial losses.
In the case of M&S, the cyber attack caused an estimated £300m (US$402m) profit hit due to lost sales, supply chain disruption and operational costs, while also impacting customer trust and leading to data theft.
The attack, which lasted for nearly a month and affected M&S’ fashion, home and food divisions, forced the company to suspend online orders and caused empty shelves in stores.
Co-op’s attempted ransomware breach forced system shutdowns across 2,300 stores, disrupting supply chains and exposing sensitive member data.
Harrods managed to prevent a cyberattack but had to restrict internet access and shut down select systems as a precaution.
This calibre of incident is often linked to sophisticated hacker groups employing social engineering and phishing tactics that exploit third-party vendor weaknesses.
The attacks also expose how interdependent and digitised business operations have become, making any disruption potentially devastating.
And, as highlighted by industry experts, breaches spotlight the critical importance of cybersecurity vigilance, third-party risk management and rapid incident response capabilities for maintaining business continuity and protecting consumer data.
Shankar Haridas, Head of UKI at ManageEngine, says: “These back-to-back security incidents, especially on major global brands, is definitely a matter of concern.
link