DragonForce Ransomware Cartel attacks on UK high street retailers: walking in the front door

This report describes active attacks by the DragonForce ransomware cartel against UK retailers (Co-op, Marks & Spencer, Harrods), with verified data exfiltration claims and a repeat of LAPSUS$/Scattered Spider-style social engineering to bypass MFA via helpdesk interaction; it outlines observed TTPs (MFA/social engineering, living-off-the-land access, use of Teams/Office for discovery), provides defender actions and incident response recommendations, and notes ongoing threats of further disclosures.