Co-op faces delivery delays and empty shelves as cyber attack escalates
Co-op has warned customers of ongoing product shortages across its store network
Co-op has warned customers of ongoing product shortages across its store network as the retailer continues to battle a “sustained” cyber attack that has forced it to shut down some of its delivery systems.
The retailer said the attack on its systems, which began last week, has caused serious disruption to store availability, particularly in fresh categories such as fruit, vegetables, meat and dairy.
According to the Telegraph, a notice posted in one affected store read: “Sorry, we’re having some availability issues which will be resolved shortly.” Pictures shared online show swathes of empty shelves and fridges, with some stores receiving limited or no fresh stock deliveries in recent days.
Co-op confirmed on Friday (2 May) that attackers had stolen personal data from a “substantial” number of customers.
In a letter to members sent Monday, CEO Shirine Khoury-Haq said a “limited amount” of member data had been compromised. “This is obviously extremely distressing for our colleagues and members, and I am very sorry this happened,” she said.
The retailer said it was working closely with the National Cyber Security Centre (NCSC) and National Crime Agency to investigate the breach. It also urged customers to remain vigilant against suspicious emails or phone calls.
-
Related Story
-
The attack, believed to involve ransomware, is part of a wider wave of cyber threats currently impacting UK retail. M&S has faced more than two weeks of online disruption, while Harrods recently thwarted an attempted intrusion.
According to reports, hacking groups Dragonforce and Scattered Spider—allegedly composed of British and US teenagers—are believed to be behind the Co-op and M&S breaches. Co-op’s own cybersecurity lead was reportedly contacted directly by hackers through an internal chat platform.
In a statement, a Co-op spokesperson said: “All our stores are open and trading however, due to the sustained malicious attempts by hackers to access our systems, we have taken proactive steps to keep our systems safe, which is temporarily impacting our colleagues’ ability to perform their roles and how many deliveries we can make to our stores.
“This means that some of our stores might not have all of their usual products available and we would like to say sorry to our members and customers if this is the case in their local store. We are working around the clock to reduce disruption and resume deliveries.”
The NCSC has since issued a warning to retailers to review their IT helpdesk procedures amid concerns that attackers are targeting support teams to bypass multi-factor authentication and gain access.
Click here to sign up to Retail Gazette‘s free daily email newsletter
