Retail giant Marks & Spencer (M&S) was the face of a coordinated ransomware campaign in April. The Scattered Spider group exploited Active Directory credentials to paralyze M&S online ordering and click-and-collect services for six weeks, costing an estimated £300 million. Other UK retailers, including the Co-op, were similarly hit. The attackers leveraged social engineering and MFA fatigue to gain access. These breaches demonstrated the fragility of just-in-time retail logistics when faced with aggressive, human-operated ransomware groups.