Co-op Shuts Down IT Systems After Attempted Hack

Uploaded on 2025-05-01 in TECHNOLOGY--Hackers, FREE TO VIEW

The Co-op has become the latest major retailer to shut down part of its IT system after discovering an attempted hack only days after Marks & Spencer's serious shut-downs.

The Co-op, which is the UK's fifth biggest food retailer, owns more than 7,000 stores, said the measures to protect its systems included the shutdown of some business services for teams running stores and its legal services division.

The Co-op’s grocery stores are currently introducing technology including electronic shelf-edge pricing to save labour hours in stores and is expanding its fast-track online grocery deliveries.

The Co-op said all its stores, including rapid home deliveries, were trading as usual, as were its funeral homes.
The attempted attack on its IT systems comes after the business said technology would play an important role in keeping down costs and tackling shoplifting.

The stock monitoring system is understood to be one of those affected. One well-placed source said gaps could soon appear on shelves in some areas if the problem was not resolved fairly swiftly. Some staff would not be able to work from home from Wednesday 30th April after remote access to some systems was blocked.

The National Cyber Security Centre (NCSC) said it was working with the Co-op in response to a the cyber incident. It is also working with M&S and is expected to examine any potential links.

One source said the shutdown had led to the closure of virtual desktops across the business, which was affecting a number of behind-the-scenes operations that required head office support, including updates on stock.
The problems emerged as M&S continues to battle major problems caused by a cyber incident that has been connected to Scattered Spider hacking group.

Retailers and their suppliers have faced a series of cyber-attacks in recent years including Morrisons, which was affected by an incident at its tech supplier Blue Yonder in the run-up to Christmas last year.

In expert comment, Tim Grieveson, CSO & EVP Information Security at ThingsRecon, said "The attempted hack affecting Co-op follows a week of high-profile cyber incidents impacting UK retailers. This attempt should not go unnoticed and the swift incident response from the Co-op should be an example for all organisations to follow, not just those in the industry."

“While details are still emerging, this event shows the need for proactive resilience and robust cybersecurity measures. Businesses must move forward with layered security defenses, regular employee training, and comprehensive incident response plans to mitigate major disruption caused by such attacks...

Additional measures such as mapping out potential entry points by understanding the extent of your supply chain will reduce exposures and minimise the likelihood of cyber incidents in the first place.” Grievson concluded.

In 2023, WH Smith was attacked in which company data was accessed illegally, including the personal details of current and former employees. The latest Cyber Security Breaches Survey, published by the government earlier this month, showed that four in 10 businesses were affected by a cyber attack in the last year.

Bloomberg | Guardian | STV | BBC | MSN | Independent

Image: @coopuk

You Might Also Read:

Enterprise Cybersecurity Today: A Vast Landscape To Secure:

If you like this website and use the comprehensive 8,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.