Just when you thought it was safe to go back to the shops
- May 12, 2025
- Steve Rogerson

Recent retail cyber attacks in the UK have made Steve Rogerson a little nervous about doing his shopping.
The UK retail industry is under attack, literally. Bad actors have been attacking retail companies with ransomware and the like, affecting shops ranging from clothing and grocery retail giant Marks & Spencer (M&S) to the Co-Op convenience store chain. Even London posh shop Harrods has been affected.
The M&S attack was the most widely publicised, and is said to be the work of cyber-criminal group Scattered Spider. It was also very effective, shutting down the company’s IT system and killing online orders. At the time of writing, online orders were still down. The attack started early last month and it has been reported it could be more months, that’s plural, before everything is back up and running.

The Co-Op attack has paralysed its ordering process and empty shelves are being reported across the UK. The retailer says all its shops are still open but its back-office systems are struggling.
Luxury store Harrods was the third victim and is being a little secretive about what has been affected, insisting its flagship store in London and online sales are still running.
Such has been the fallout from these attacks that even the UK government is getting involved with a planned £16m package to boost cyber defences. A good chunk of this will be to help firms bring protection technology to market.
As someone who shops at M&S and the Co-Op, I can’t help being a little concerned. The Co-Op has issued a statement saying it believes data extracted include members’ personal information such as names, residential addresses, email addresses, phone numbers and dates of birth. I am a member.
So far, the news is that personal data at M&S have not been compromised, but given how unprepared these retailers seem to have been, I am not totally convinced, and some cyber-security experts seem to agree.
Scott Dawson, CEO of payment processor Decta (www.decta.com), wrote to me saying: “Too many retailers are operating on outdated infrastructure, bolted together over decades with minimal regard for resilience-by-design. The result is siloed security, disjointed crisis response, and a mounting toll on trust, efficiency and revenue.”
He says when systems are taken offline, it chips away at consumer confidence.
“The fact that systems had to be shut down despite no confirmed data breach points to a glaring lack of operational resilience,” he said. “The absence of standardised, tested recovery architectures turns every intrusion attempt into a potential operational crisis.”
Marc Porcar, CEO of QR Code Generator Pro SL (qrfy.com), also dropped me a line. He said: “It is concerning to witness huge companies such as M&S and the Co-Op experience significant cyber attacks, but business owners should not be alarmed, as there are ways for them to protect their enterprise and minimise the risk significantly.”
He said most hacking attempts could be avoided by proper cyber protection and cyber safety awareness, and has published warning signs and responses to help dispel hackers in most cases.
“Business owners and employees should remain vigilant and alert of potential cyber threats at all times, and all cyber protection software should remain updated,” he said.
And for shoppers a little worried about what is going on, he points out they can opt out of linking their card to online shopping accounts to reduce the risk of their data being compromised. Additionally, changing account passwords regularly and using different passwords for different accounts help ensure data remain as safe as possible.
The Co-Op statement says I should not be worried as passwords have not been stolen but says I should still be wary of suspicious emails and phone calls, so situation normal there. M&S says no need to take any action but online shopping is down and staying down for now, though visitors can browse online. If you want to buy, go to a shop. As to Harrods, I can’t afford to shop there so it doesn’t affect me.
The only worry, though, is this: with three high-profile attacks in such a short time, do the hackers know something, and are there more in the pipeline? In fact, have there been more that we don’t yet know about? Concerning, but I will cheer myself up with an online beer order. Fingers crossed.