/** * https://gist.github.com/samthor/64b114e4a4f539915a95b91ffd340acc */ (function() { var check = document.createElement('script'); if (!('noModule' in check) && 'onbeforeload' in check) { var = false; document.addEventListener('beforeload', function(e) { if (e.target === check) { = true; } else if (!e.target.hasAttribute('nomodule') || !) { return; } e.preventDefault(); }, true); check.type = 'module'; check.src = '.'; document.head.appendChild(check); check.remove(); } }());
BBC Morning Live Logo

How to Stay Safe After Retail Cyber Attacks

Spencer Kelly tech journalist

At a glance

  • M&S, Co-op, Harrods, and Adidas have all been targeted, with customer data potentially compromised, including names, details, and order histories.

  • Cybercriminals exploit basic personal information to create convincing phishing texts and emails that appear legitimate, increasing the risk of fraud.

  • Even if your data has been breached, you can reduce the risk by spotting suspicious messages and avoiding giving away more personal information.

  • Fraudsters are paying for fake adverts to appear at the top of search results, s should check for 'sponsored' labels and rs via built-in tools.

Over the past few weeks, major UK retailers including M&S, Co-op, Harrods, and Adidas have all confirmed they've been targeted by cyber criminals. With headlines like these, it's no surprise shoppers are worried about what this means for their personal information, and what we can do to protect ourselves.

To break it all down, we were ed in the studio on Friday 30th May by tech journalist, Spencer Kelly.

BBC Morning Live

Friday 30th May 2025

BBC iPlayer

Watch on iPlayer

What are hackers actually after?

When a cyber attack hits, hackers are usually targeting personal information: things like your email address, phone number, s, or date of birth.

"It might not sound that dangerous on its own," says Spencer, "but to scammers, it's quite valuable. That data can be used directly or sold on to others, and it often ends up being used in phishing scams."

How scammers use your data: a real-world example

Fake text message

To show just how this data can be misused, we looked at a fake scam text supposedly from our made-up retailer: Morning Live Superstore.

Initially, it looks suspicious but generic, sent out of the blue, and not personally addressed.

But once hackers have access to real customer data, that same message might include your name, recent purchases, or delivery information, making it feel far more convincing.

The danger? "It's not the stolen data itself that's most dangerous, it's what scammers do with it, and how they trick you into giving them even more."

Can you protect yourself after a breach?

Not all scams arrive by email or text. Some target you while you're searching online.

Scammers can pay to put fake websites at the top of search engine results. These might look like real businesses, but they're designed to steal personal information or install malware.

What to look out for:

  • Sponsored results: These are marked as "Sponsored" (on Google) or appear with a note under the title (on Bing).

  • Verification tools: Click the three dots next to the ad to see who paid for it – and whether they've been verified.

  • Verification matters: Verified rs must submit real legal documentation. Most scammers won't be able to do that.

🛑 It's not foolproof, but these clues can help you stay one step ahead.

Stay Smart, Stay Safe

While you can't stop every data breach, you can make it harder for scammers to catch you out.

Check sources, think twice before clicking, and take control of your data wherever possible.

Links to more information