Business

Co-op faces major disruption after sophisticated cyber attack compromises member data

Wednesday, 7 May 2025 12:09AM UTC

The Co-operative Group is grappling with widespread operational disruptions following a highly sophisticated cyber attack that has affected payment systems and exposed limited member data, prompting urgent response measures and apologies from its CEO.

The Co-operative Group has confirmed that it is facing significant disruption following what it describes as a "highly sophisticated" cyber attack on its IT systems. The incident has had a notable impact on its operations, leading to widespread disturbances across its stores.

In a communication to customers on Tuesday, May 6, Co-op chief executive Shirine Khoury-Haq expressed her apologies for the inconvenience caused and outlined the measures being taken in response to the attack. She stated that the company was encountering "significant disruption" and noted that shutting down some of their systems was a necessary step to protect the organisation.

Khoury-Haq further revealed that while the cyber criminals managed to access a limited amount of member data, including personal details, the company is committed to understanding the extent of the breach and is collaborating with relevant authorities. "This is obviously extremely distressing for our colleagues and members, and I am very sorry this happened," she remarked.

The cyber attack has been part of a wider trend, with multiple retailers, such as Marks & Spencer and Harrods, reportedly targeted in recent weeks. The effects of the incident have been felt in stores across the UK, particularly in Manchester where some locations displayed signs indicating they were operating on a "cash only" basis due to offline card systems. Reports from customers suggested that contactless payment options were also impacted at a small number of stores.

Despite the disruptions, the majority of Co-op’s 2,300 outlets were still functioning normally in terms of payment methods. A spokesperson for the retailer acknowledged the situation, stating, "This means some of our stores might not have all of their usual products available, and we would like to say sorry to our members and customers if this is the case in their local store." The company is reportedly working "around-the-clock" to mitigate disruption and restore normal service, while also attempting to manage deliveries.

In a previous communication prior to the latest updates, Co-op announced that personal data had been extracted by hackers but maintained that the extent of the breach was limited. The company had initiated shutdown procedures in response to what it characterised as "sustained malicious attempts" against its IT systems.

As the Co-op continues its efforts to recover from the cyber attack, customers and employees await further updates on the status of operations and the integrity of their data.

Source: Noah Wire Services

More on this

https://www.ctvnews.ca/it-was-empty-co-op-stores-deal-with-cyberattack-affecting-supply-1.6950576 - This article discusses the impact of a cyberattack on Co-op stores in Saskatoon, leading to empty shelves and supply issues, corroborating the widespread disturbances across Co-op stores mentioned in the original article.
https://www.ctvnews.ca/co-op-operations-and-systems-fully-restored-following-cybersecurity-incident-1.6970648 - This report details the restoration of Co-op's operations and systems after a cybersecurity incident, supporting the claim of significant disruption and subsequent recovery efforts.
https://www.650ckom.com/2024/07/15/expert-says-co-op-cyber-attack-was-likely-a-ransomware-case/ - An expert analysis suggesting that the Co-op cyberattack was likely a ransomware case, aligning with the description of a 'highly sophisticated' cyber attack in the original article.
https://www.scribd.com/document/768205927/Annual-Report-2023 - The Co-op's Annual Report 2023 outlines their commitment to cybersecurity and data protection, providing context to the company's response to cyber threats as mentioned in the original article.
https://www.teckpath.com/the-latest-ransomware-incident-at-co-op-a-wake-up-call-for-retail-cybersecurity/ - This article details the Co-op's ransomware incident, including the operational disruptions and financial losses, supporting the claims of significant impact and operational challenges.
https://en.wikipedia.org/wiki/Shirine_Khoury-Haq - A profile of Shirine Khoury-Haq, CEO of The Co-operative Group, who addressed the cyberattack and its impact, as mentioned in the original article.
https://news.google.com/rss/articles/CBMilwFBVV95cUxPVXBqWE1xbFl0WG5fMTB0WGhNMzdyVUItRlBFcVhQMU9zRUVicEsxejFuZkNoeFQ1QnBEbTluWUVoWEx2QV9IdWNMTHFSblBEY3d1dm0yNEdvcnhtTzBCbFdsZGF6d2VSOEViWkxITXg5Ykc2Q3BjRHloalZXaUNZOG9VY0RQYTZhdjByR1BVTkJReWs3VTlr0gGcAUFVX3lxTE9GMEZxb3c1X3AyZXZnNjJhS2RFVE5Udy1sczd1Q0hlSjg5TC1fVXdNT1NiOC1uS0c1MlhscFh0YUZNbkQzVEUzaHVBX1I2N1BaZVVVVEJVMldqUFJDdVNJMDFNQVpRS1RqckFSbTNtS1RPdDFrYV85ekUwRW1fc2s1STNSRkc1Skc5MFlWRjdzM3V6Qm9GRXhLRjR0Wg?oc=5&hl=en-US&gl=US&ceid=US:en - Please view link - unable to able to access data

Noah Fact Check Pro

The draft above was created using the information available at the time the story first emerged. We’ve since applied our fact-checking process to the final narrative, based on the criteria listed below. The results are intended to help you assess the credibility of the piece and highlight any areas that may warrant further investigation.

Freshness check

Score: 8

Notes: The narrative references recent events and mentions specific dates, indicating it is current. However, the story might not be entirely novel, as cyber attacks on major retailers have increased, and similar disruptions have been reported in the past.

Quotes check

Score: 7

Notes: The quote from Shirine Khoury-Haq is mentioned without a specific original source, making it difficult to verify if this is the earliest use. However, given the context, it appears to be a recent statement likely from a press release or communication to customers.

Source reliability

Score: 6

Notes: The narrative does not specify a well-known reputable publication as the origin. The information seems to align with general reporting styles on similar incidents, but without a clear source, the reliability is somewhat uncertain.

Plausability check

Score: 9

Notes: Cyber attacks on major retailers are plausible and have been increasingly common. The described impact and response align with typical procedures in such incidents, making the narrative highly plausible.

Overall assessment

Verdict (FAIL, OPEN, PASS): OPEN

Confidence (LOW, MEDIUM, HIGH): MEDIUM

Summary: The narrative appears plausible and current, but lacks specific source attribution. While elements like quotes and recent events are present, the exact origin and originality of some information could not be confirmed, affecting the overall confidence.

Co-op
cyber attack
retail disruption
data breach
payment systems