Four people have been arrested as part of an investigation into the high-profile cyber attacks that severely disrupted operations at M&S, Co-op and Harrods earlier this year.

The National Crime Agency (NCA) confirmed on Thursday (10 July) morning that three men, aged 17, 19 and 19, and a 20-year-old woman had been detained in coordinated raids across London, the West Midlands and Staffordshire.

They were arrested on suspicion of multiple offences, including Computer Misuse Act breaches, blackmail, money laundering and participation in organised crime.

It is understood all four were taken into custody, with forensic teams now analysing a number of electronic devices seized during the operation. The investigation was supported by the West Midlands Regional Organised Crime Unit and the East Midlands Special Operations Unit.

The arrests follow a string of cyber attacks that started with M&S in April, resulting in major disruptions to the retailer’s systems.

M&S was forced to halt online orders and faced widespread product availability issues in stores, with its CEO Stuart Machin recently revealing it only expects operations to return to normal in August.

Subscribe to Grocery Gazette for free

Sign up here to get the latest grocery and food news each morning

According to sources, the initial breach stemmed from a “sophisticated impersonation” via a third party, with M&S earlier this week confirming it “believes” the attack was launched by cyber criminal group DragonForce.

Co-op and Harrods were targeted soon afterwards, with both retailers shutting down internal systems as a precaution, although the luxury retailer’s its website and stores remained open.

M&S chairman Archie Norman told MPs earlier this week that the cyber attack had been “traumatic” and likened the experience to an “out-of-body” moment.

When pressed on whether the retailer had paid a ransom, Norman declined to comment, citing ongoing cooperation with law enforcement.

The high street retailer has also revealed that the financial impact of the attack on M&S is expected to reach as much as £300 million this year, although this is expected to be mitigated by its insurance payout.

NCA national cybercrime unit head Paul Foster: “Since these attacks took place, specialist NCA cybercrime investigators have been working at pace and the investigation remains one of the agency’s highest priorities.”

“Today’s arrests are a significant step in that investigation but our work continues, alongside partners in the UK and overseas, to ensure those responsible are identified and brought to justice.”

Foster added: “Cyber-attacks can be hugely disruptive for businesses, and I’d like to thank M&S, Co-op and Harrods for their support to our investigations. Hopefully this signals to future victims the importance of seeking support and engaging with law enforcement as part of the reporting process. The NCA and policing are here to help.”