SCATTERED SPIDER moved from initial access to encryption by deploying ransomware in under 24 hours in one observed case

11 of the 21 incidents attributed to Scattered Spider over 36 months occurred in the short window between April and early July 2025, indicating a steep rise in activity in 2025.

In 2022, four technology companies attacked by Scattered Spider.

In 2023, two hospitality companies attacked by Scattered Spider.

In 2025 (through 7/2/2025), four retail, four insurance, and three aviation firms attacked by Scattered Spider.

In 2023, MGM absorbed approximately $100 million in losses due to Scattered Spider.

91% of companies analyzed by CyberCube are currently classified as "low risk" for Scattered Spider attacks.

2% of large firms are at the highest risk from Scattered Spider. This equates to 287 companies in the analysed portfolio. These companies use three or more technologies frequently targeted by Scattered Spider and have security lapses the group exploits.

Total financial losses for Scattered Spider victims have ranged from tens to hundreds of millions of dollars.

In 2023, Caesars reportedly paid a $15 million ransom to Scattered Spider.

There was a reported lull in activity in 2024 for Scattered Spider.

7% of companies, or 1,037 firms, use at least one of the group’s preferred technologies and exhibit security weaknesses that could enable partial attack progression.

In May 2025, UK retailers Marks & Spencer and Co-op faced combined damages estimated at up to $592 million due to Scattered Spider.

Among highest-risk companies of Scattered Spider attacks, seven aviation firms were identified, including Hawaiian Airlines, which was a recent victim.

Over 36 months, 21 major publicly disclosed cyber incidents have been attributed to Scattered Spider.