The Co-op has confirmed that it shut down parts of its IT systems following an attempted cyberattack, becoming the latest retailer in the UK affected by cybersecurity incidents. A Co-op spokesperson confirmed the hacking attempts to BleepingComputer but has not disclosed whether the attempts were successful.
“We have recently experienced attempts to gain unauthorised access to some of our systems,” the Co-op spokesperson told the publication. “As a result, we have taken proactive steps to keep our systems safe, which has resulted in a small impact on some of our back office and call centre services.” The retailer has not disclosed specifics about the nature of the attack or identified any responsible threat actors.
The incident has affected Co-op’s stock monitoring system, raising concerns about potential product shortages if the issue persists. Additionally, some employees have been unable to work remotely due to restricted access to certain systems, The Guardian reported, citing an anonymous source.
Despite challenges, Co-op has reassured that all its grocery stores, rapid home delivery services, and funeral homes continue normal operations. The National Cyber Security Centre (NCSC) is collaborating with the Co-operative Group to assist in responding to this cyber incident.
The Co-operative Group, known for its diverse operations, operates over 2,500 supermarkets and 800 funeral homes across the UK. It also supplies goods to more than 5,100 outlets through its wholesale division. The organisation is a consumer-owned co-operative with over 6.2 million members. Last month, the group reported annual revenue of £11.3bn in 2024, flat from the previous year. Profit before tax jumped by £133m to £161m in 2024, driven by stronger operating results and improved returns from its Funeralcare investment plans.
Retail sector under increasing cybersecurity threat
Co-op’s targeting by cybercriminals is not surprising, said Commvault’s Jason Gerrard. “Targeting industry leaders and critical supply chains is a calculated strategy for notoriety and financial gain,” said the firm’s senior director for channel systems engineering EMEAI. “Hackers know that compromising a single piece of software can open doors to hundreds of downstream organisations. They’re chasing money and publicity – so they aim for ‘big fish.’”
The cyber incident at Co-op follows a similar attack on another British retailer Marks & Spencer (M&S) recently. The attack forced M&S to suspend online services and asked hundreds of logistics employees to stay home. This incident was linked to the ‘Scattered Spider’ threat group, which used DragonForce ransomware. Authorities, including the NCSC, were notified of the breach.
Both Co-op and M&S have not disclosed full details of the attack or the extent of data compromised. However, these incidents highlight growing cyber risks in retail, urging businesses to strengthen cybersecurity measures.
Read more: Marks & Spencer hit by cyberattack, services disrupted
