April 2025 - The Biggest Security Stories & What They Mean for Your Business in Q2

What do M&S, Harrods, and Co-op have in common this April? They were all targets of serious cyberattacks—some of the biggest we've seen in retail this year.


As Q2 kicks off, April 2025 reminded us that cyber threats aren't slowing down. From high-profile retail breaches in the UK to cutting-edge innovations from OpenAI and Palo Alto Networks, this past month brought urgency—and opportunity—for every security-conscious business leader. 


If you work to protect data, customers, or IT assets, or if you want to stay ahead of potential threats, Infosprint Technologies, an IT consulting firm, will keep you informed about the most critical developments you may have missed.



Notable Cybersecurity Breaches: A Deep Dive Into Major Incidents

In April, significant cyberattacks, including phishing, malware incidents, cloud breaches, and ransomware, targeted premium brands. These incidents resulted in considerable financial losses and even disrupted some services. While some top brands mitigated these risks effectively, others were less fortunate. Let’s dive deeper into the details.


UK Retailers Under Siege: M&S, Harrods, and Co-op Cyberattacks Explained

1. Marks & Spencer Retail 

Marks & Spencer (M&S), one of Britain’s largest retail chains, recently suffered a significant cyberattack that disrupted its operations and affected customer transactions. 


The cyberattack commenced on Monday and specifically targeted two key aspects of M&S's services:

  • Contactless Payments: Customers faced issues with processing payments made via contactless methods. 
  • Click-and-Collect Orders: The attackers compromised the functionality of click-and-collect orders, forcing the company to suspend these services temporarily.


  • Operational Response: In light of the cyberattack, M&S took immediate action: The company halted all online orders through its website. Customers who had already made advance payments could still collect their products from the nearest physical store.
  • Customer Reactions: Some users took to social media platforms to share their experiences regarding the disruption. Feedback included frustration over the inability to complete online orders and confusion regarding the collection process for prepaid orders.
  • M&S's Commitment to Security: In response to this incident, M&S will likely evaluate and strengthen its cybersecurity defenses to safeguard client information and prevent future attacks. 



2. Harrods Luxury Retail 

Harrods, a leading name in luxury retail, recently faced a cyberattack that aimed to gain unauthorized access to its systems. Its IT team managed the situation effectively, showcasing its robust response strategy.


  • Type of Attack: The cyberattack involved attempts to breach the company’s digital infrastructure.
  • Response Actions: The IT professionals at Harrods promptly mitigated the threat by restricting customers' internet access. This preventive measure helped safeguard their internal systems.
  • Customer Access: Limiting internet access temporarily affected customer interactions while keeping the system's security intact.
  • Risk Mitigation: By swiftly addressing the threat, Harrods minimized potential risks and protected sensitive customer and company data.


“Marijus Briedis, CTO of NordVPN, stated that it is a worrying sign of the direction that cyberattackers are taking; they are not only after sensitive company data but also customer personal information.”


3. CO-OP Retail Chain Cyberattack: Impact and Response

Recently, the group that owns 2,000 grocery stores, 8,000 funeral homes, and legal and financial services faced a cyberattack. This occurred within a week of their efforts to target the hackers who compromised M&S. In response to this threat, CO-OP immediately shut down specific IT systems to safeguard its operations and customer data.


  • Impact on Operations: The cyberattack has had several implications, particularly for remote employees:
      • Remote Work Disruptions: Employees working remotely are currently experiencing inconveniences due to blocked access to essential systems.
      • Affected Systems: The stock monitoring system is among the services impacted by the attack.
  • Service Availability: Despite the challenges posed by the cyberattack, CO-OP is committed to maintaining service continuity. The company has assured its users that:
      • Full Functionality: All services—including rapid home deliveries, funeral home operations, and in-store services—are fully operational.
      • Business as Usual: Customers are encouraged to continue their typical shopping habits through online purchases or visits to physical stores.
  • Customer Assurance: CO-OP has emphasized that no customer data was compromised during the cyberattack. The company is dedicated to transparency and will frequently update consumers to keep them informed and alleviate any concerns.
  • Final Declaration: As CO-OP navigates the aftermath of this cyberattack, it remains focused on ensuring customer satisfaction and maintaining service integrity. Users are told to stay up to date on the latest news by reading official messages.




The Biggest Supply Chain Hack of 2025: Oracle Ransomware Attack

Oracle Cloud Infrastructure (OCI) has encountered multiple cyberattacks this year, leading to concerns about the security of its cloud services. Despite these incidents, Oracle has denied any significant impact on its current cloud infrastructure, assuring customers of their safety. However, the attacks have targeted legacy Oracle Cloud Classic and Oracle Health systems.


  • Extent of Data Breach: The recent breach related to Oracle Cloud Classic resulted in the loss of up to 6 million records. This raises significant alarm about the protection of sensitive data in legacy systems.
  • Oracle Cloud Classic: Primarily impacted during the cyberattacks. 
  • Oracle Health: Also linked to the legacy systems that faced threats.
  • Security Measures Implemented: In response to the cyberattacks, Oracle has released multiple security patches designed to address various vulnerabilities identified in its environment.
  • Customer Assurance: Oracle has subtly communicated to its customers that the core cloud infrastructure remains unaffected by these incidents, emphasizing that current users should not experience security issues.


April 2025 Tech Innovations: AI Advancements in Cybersecurity

April 2025 was packed with noteworthy product launches, software upgrades, and platform innovations to help organizations avoid increasingly sophisticated attacks. From AI-enhanced security suites to zero-trust network upgrades, this month's focus was clear: speed, intelligence, and automation.


Palo Alto’s AI Leap: Prisma AIRS Launch

The rise of AI-driven cyberattacks, ranging from deepfake phishing to automated zero-day exploits, calls for equally advanced defense systems. Traditional security tools cannot keep up with these real-time, self-evolving threats.


To address this challenge, Palo Alto Networks has acquired Protect AI, which secures AI pipelines and machine learning models. This acquisition represents a strategic move and a shift in vision. In the same month, Palo Alto launched Prisma AIRS, a platform that:


  • Offers AI-native protection for LLMs, AI agents, and data pipelines
  • Detects tampering in AI model training
  • Provides runtime behavior monitoring for bots and agents
  • Supports compliance with AI safety frameworks


Business-Wide Benefits: Why It’s a Game-Changer

  • Proactive Defense: Shift from detecting symptoms to defending AI at its root—the model level.
  • Cross-Environment Security: Whether on-prem, in cloud, or hybrid AI stacks, Prisma AIRS works across environments.
  • Compliance Readiness: With AI regulations looming globally, having built-in controls for explainability, fairness, and monitoring will help organizations stay audit-ready.
  • Trust at Scale: Companies can deploy AI faster and more confidently, knowing they have guardrails.


OpenAI's GPT-4.1: AI Just Got Smarter—and Safer

OpenAI made major waves in April 2025 with two significant announcements that signaled a deeper push into real-world enterprise applications and cybersecurity. One is GPT-4.1, aimed at AI coding for software developers; the other is its first cybersecurity investment, in Adaptive Security.


1. Precision AI for Code and Software Engineering

OpenAI has significantly upgraded its foundational model series for software developers. Unlike GPT-4.0, GPT-4.1 is designed for understanding, debugging, and generating structured code.


  • Code-Aware Reasoning: GPT-4.1 has enhanced its ability to retain context across multi-file codebases and can reason through dependencies in real-world software projects.
  • Bug Identification and Auto-Patching: It can detect bugs, recommend patches, and generate secure code with fewer inaccuracies and improved syntax precision.
  • Security-Focused Output: By default, GPT-4.1 minimizes insecure coding patterns, such as SQL injection vulnerabilities, hardcoded credentials, and unsafe API usage.
  • IDE Plugins: Seamless integrations with platforms like Visual Studio Code and JetBrains have been introduced, allowing developers to use GPT-4.1 directly within their development environments.


2. OpenAI’s First Cybersecurity Investment: Adaptive Security

What is adaptive security? Adaptive security is an AI-native technology that protects organizations through behavior-based threat detection, leveraging contextual telemetry, continuous learning models, and autonomous response systems.


Why OpenAI Invested:

  • Strategic Alignment: Adaptive Security's models enhance OpenAI's vision of trustworthy AI by protecting the environments where AI functions.
  • AI-First Security: The company utilizes machine learning to detect, predict, and prevent attacks, which is crucial in a world where traditional rule-based systems cannot keep pace.
  • Zero Trust Integration: Their platform offers microsegmentation, adaptive authentication, and behavioral analytics to verify access at all levels continuously.


Business Impact: How This Will Help Companies Secure Smarter

For enterprises using GPT-4.1:

Organizations can now build AI products faster and more securely, reducing the need for extensive third-party audits. By combining this with Adaptive Security’s AI-native protection, businesses gain a full-stack AI solution—from creation to protection.


For the Cybersecurity Industry: 

As Gen AI becomes embedded into organizational workflows, the need to protect the supply chain (models, prompts, responses, and output integrations) becomes more critical. OpenAI’s investment signals growing recognition that AI itself needs dedicated cybersecurity.


Don't Ignore the Signals: Why a Q2 Threat Assessment is Critical Now

The threats we saw in April weren’t just isolated stories but signals. Signals that attackers are evolving, industries must adapt, and AI will play a central role in the next chapter of cybersecurity.


If your business hasn’t conducted a Q2 threat assessment or evaluated new solutions, now’s the time. Leverage these updates to guide your decision-making. And remember, staying informed isn’t a luxury—it’s your first line of defense.


Don’t wait for the next breach. Stay proactive, stay protected. Schedule your Q2 Cybersecurity Audit with Infosprint today.
