Co-op Shuts Down IT Systems After Attempted Hack

Uploaded on 2025-05-01 in TECHNOLOGY--Hackers, FREE TO VIEW

The Co-op has become the latest major retailer to shut down part of its IT system after discovering an attempted hack only days after Marks & Spencer's serious shut-downs.  

The Co-op, which is the UK's fifth biggest food retailer, owns more than 7,000 stores, said the measures to protect its systems included the shutdown of some business services for teams running stores and its legal services division.

The Co-op’s grocery stores are currently introducing technology including electronic shelf-edge pricing to save labour hours in stores and is expanding its fast-track online grocery deliveries.

The Co-op said all its stores, including rapid home deliveries, were trading as usual, as were its funeral homes.
The attempted attack on its IT systems comes after the business said technology would play an important role in keeping down costs and tackling shoplifting.

The stock monitoring system is understood to be one of those affected. One well-placed source said gaps could soon appear on shelves in some areas if the problem was not resolved fairly swiftly. Some staff would not be able to work from home from Wednesday 30th April after remote access to some systems was blocked.

The National Cyber Security Centre (NCSC) said it was working with the Co-op in response to a the cyber incident. It is also working with M&S and is expected to examine any potential links.

One source said the shutdown had led to the closure of virtual desktops across the business, which was affecting a number of behind-the-scenes operations that required head office support, including updates on stock.
The problems emerged as M&S continues to battle major problems caused by a cyber incident that has been connected to Scattered Spider hacking group.   

Retailers and their suppliers have faced a series of cyber-attacks in recent years including Morrisons, which was affected by an incident at its tech supplier Blue Yonder in the run-up to Christmas last year.

In expert comment, Tim Grieveson, CSO & EVP Information Security at ThingsRecon, said "The attempted hack affecting Co-op follows a week of high-profile cyber incidents impacting UK retailers. This attempt should not go unnoticed and the swift incident response from the Co-op should be an example for all organisations to follow, not just those in the industry."
 
“While details are still emerging, this event shows the need for proactive resilience and robust cybersecurity measures. Businesses must move forward with layered security defenses, regular employee training, and comprehensive incident response plans to mitigate major disruption caused by such attacks...

Additional measures such as mapping out potential entry points by understanding the extent of your supply chain will reduce exposures and minimise the likelihood of cyber incidents in the first place.” Grievson concluded.

In 2023, WH Smith was attacked in which company data was accessed illegally, including the personal details of current and former employees. The latest Cyber Security Breaches Survey, published by the government earlier this month, showed that four in 10 businesses were affected by a cyber attack in the last year. 

Bloomberg   |   Guardian   |   STV   |   BBC   |   MSN   |  Independent 

Image: @coopuk

You Might Also Read: 

Enterprise Cybersecurity Today: A Vast Landscape To Secure:

If you like this website and use the comprehensive 8,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Scattered Spider Hacking Group Is Behind The Attack On M&S
Mastering Security In An Era Of Regulatory Shifts »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Mielabelo

Mielabelo

Belgian consulting firm providing services in the security and compliance of information systems and IT service management.

CONCERT

CONCERT

CONCERT is a Computer Emergency Response Team and cyber security information sharing network for companies, institutes and government in Korea.

BooleBox

BooleBox

Boolebox is the innovative suite of enterprise data protection applications that preserve the integrity and confidentiality of data from any unauthorized access.

Centro de Gestion de Incidentes Informaticos (CGII)

Centro de Gestion de Incidentes Informaticos (CGII)

CGII is the Computer Incident Management Center of the State of Bolivia.

DFI

DFI

DFI is a global leading provider of high-performance computing technology across multiple embedded industries.

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

Kaspersky Industrial CyberSecurity (KICS)

Kaspersky Industrial CyberSecurity (KICS)

Kaspersky addresses all the cybersecurity needs of industrial organizations in its Kaspersky Industrial CyberSecurity (KICS) portfolio.

Allurity

Allurity

Allurity is a group of tech-enabled cybersecurity service providers, comprised of best-in-class experts with a common mission to enable a safe digital world.

GetHacked.ca

GetHacked.ca

GetHackded.ca is a certified company offering penetration testing and specialized cybersecurity services.

Dutch Research Council (NWO)

Dutch Research Council (NWO)

The Dutch Research Council (NWO) is one of the most important science-funding bodies in the Netherlands and ensures quality and innovation in science.

Endure Secure

Endure Secure

Endure Secure is a managed cyber security & information security consultancy. Our passion for IS and our understanding of the threat landscape is reflected in the services that we provide.

Hawk AI

Hawk AI

Hawk AI’s mission is to help financial institutions detect financial crime more effectively and efficiently using AI to enhance rules and find anomalies.

Orbis Cyber Security

Orbis Cyber Security

Orbis is one of the leading cybersecurity company in USA. Our cybersecurity specialist defends your data, combat threat, and modernize your compliance.

PayPal Ventures

PayPal Ventures

PayPal Ventures invests in companies at the forefront of innovation in fintech, payments, commerce enablement, artificial intelligence, blockchain and cryptocurrency, regulatory and cyber technology.

Amnet Technology Solutions (Amnet Systems)

Amnet Technology Solutions (Amnet Systems)

Amnet Systems is a technology services organization that provides Managed IT, Cloud Computing, Cyber Security, Data Center and Audio Visual services since 1995.

C5 Technology

C5 Technology

C5 Technology specialises in the provision of networking, security, and infrastructure services to enterprises and government agencies.