Multiple Location Supermarket Suffers Supply Chain Attack

Uploaded on 2021-12-07 in TECHNOLOGY--Hackers, FREE TO VIEW

A cyber attack has simultaneously hit more than 300 Spar convenience stores across the north of England in an apparent supply chain attack, forcing many of them to revert to cash-only payments while others chose to close their doors to customers. The attack hit the company’s computer systems, causing a “total IT outage” that has prevented staff from taking card payments and locked them out of emails.

The attack targeted James Hall & Company in Preston, Lancashire, which operates Spar's tills and IT systems and the affected stores have been able to handle card payments. The company supplies products to around 600 Spar stores. 

The UK  National Cyber Security Centre (NCSC) and Lancashire Police are investigating. A spokesman for Sparb said: "We are aware of an issue affecting Spar stores and are working with partners to fully understand the incident... We are working to resolve this situation as quickly as possible."

This isn't the first time a supermarket chain has been brought to its knees by a cyber attack. In July hackers caused 500 Co-op stores in Sweden to close as tills and self-service machines were taken down as one of the international effects of the massive Kaseya supply chain attack. In that case, it was the Co-op supermarket's IT supplier that was hit with ransomware.

The question for James Hall is now the one all cyber attack victims dread - whether or not to to pay the  criminals to get the  shops back online?

For the hundreds of thousands of Spar customers affected by the hack the urgent question is when will their local stores open again?  It has more than 2,500 stores in the UK that employ about 40,000 people and has an annual turnover of more than £3bn. At the time of writing both the Spar and the James Hall &Co websites were inaccessible.

NCSC:     LEP:      ITPro:      ZDNet:    BBC:    Guardian:    Telegraph:     Times:    Cumbria Crack

You Might Also Read:

Why Is Retail Cyber Security So Weak?:

 

« Cyber Attacks Should Be The #1 Concern For Business Leaders
Twitter Takes-Down Thousands Of Propaganda Accounts »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

National Security Agency (NSA) - USA

National Security Agency (NSA) - USA

NSA is a US intel agency responsible for the protection of government communications and information systems against penetration and network warfare.

Yokogawa Electric

Yokogawa Electric

Yokogawa is an electrical engineering company providing measurement, control, and information technologies including industrial cyber security.

Akheros

Akheros

Akheros develops cybersecurity learning algorithms which anticipate, detect and prevent offensive and incongruous behaviors of M2M interactions.

Ingalls Information Security

Ingalls Information Security

Ingalls Information Security provides network security, monitoring and forensics.

United Security Providers

United Security Providers

United Security Providers is a leading specialist in information security, protecting IT infrastructures and applications for companies with high demands on security.

Synelixis Solutions

Synelixis Solutions

Synelixis Solutions is a high-tech company founded to provide complete telecommunications, networking, security, control and automation solutions.

US Venture Partners (USVP)

US Venture Partners (USVP)

USVP is a leading Silicon Valley venture capital firm focusing on early-stage start-ups that transform cybersecurity, enterprise software, consumer mobile and e-commerce, and healthcare.

HancomWITH

HancomWITH

Hancomwith is an information security company. We provide optimized blockchain solutions in areas including next-generation authentication, security and digital asset transaction.

Coveware

Coveware

Coveware helps businesses remediate ransomware. We help companies recover after files have been encrypted, and our analytic, monitoring and alerting tools help companies prevent ransomware incidents.

Winbond Electronics

Winbond Electronics

Winbond is a Specialty memory IC company. Product lines include Code Storage Flash Memory, TrustME® Secure Flash, Specialty DRAM and Mobile DRAM.

Protectt.ai Labs

Protectt.ai Labs

Protectt.ai Labs is India’s first mobile security start up building awareness & providing solutions for mobile app, device & transaction security.

MetaWeb Ventures

MetaWeb Ventures

MetaWeb Ventures is a global venture capital firm focused on pre-seed and seed investments in crypto start-ups.

BluSapphire

BluSapphire

BluSapphire is an industry-first, purpose-built, cloud-native, Hybrid XDR platform powered by AI and big data analytics.

Resonance Security

Resonance Security

Resonance offers powerful cybersecurity aggregation software that makes protecting against full spectrum cybersecurity threats effortless no matter what your technical level, budget, or scope.

Fraud.net

Fraud.net

Fraud.net operates the first end-to-end fraud management and revenue enhancement ecosystem specifically built for digital enterprises and fintechs globally.

Clear Ridge Defense

Clear Ridge Defense

Clear Ridge was founded in April 2015 with the mission and vision to support Joint, Service Cyber Components, and commercial clients in specialized cyber support.