Cyber Attack Disrupts Co-op Card Payments and Product Availability Across Stores Nationally
  • 336 views
  • 2 min read

A significant cyber attack has recently caused widespread disruption to Co-op stores across the nation, impacting card payments and product availability. The attack, which began in late April 2025, has affected various aspects of the retailer's operations, from in-store payment systems to supply chain logistics.

The initial signs of the attack manifested as issues with contactless card payments, with some stores displaying "cash only" signs as their card machines went offline. Contactless payments were also affected in some locations. Simultaneously, customers reported empty shelves and reduced product availability, indicating a disruption to Co-op's supply chain. The retailer has since acknowledged that the attack necessitated the temporary shutdown of certain elements of their supply chain and logistics operations. Co-op issued a warning to its suppliers, advising them not to send deliveries to Co-op depots without a direct go-ahead.

The Co-op first revealed they had shut down parts of its IT estate, having “recently experienced attempts to gain unauthorised access to some of our systems”. At the time it said the damage was limited to “a small impact to some of our back office and call centre services”. Days later, as it experienced “sustained malicious attempts by hackers”, the retailer said the hackers had been able to access data from one of its systems associated with current and past members.

The attackers, identified as the DragonForce group, claimed to have stolen a substantial amount of customer and employee data. While Co-op has confirmed that customer names, contact details, and dates of birth were accessed, they assured that no bank details, transaction information, or passwords were compromised. However, the cyber criminals allege they possess the private information of 20 million Co-op members, a figure the company has not confirmed. Screenshots of extortion messages sent to Co-op's head of cyber security, including claims of exfiltrated customer databases and member card data, have been shared with the BBC.

The cyber attack on Co-op is part of a recent wave of attacks targeting UK retailers, including Marks & Spencer (M&S) and Harrods. Technology publication BleepingComputer reported that the attacks on M&S and Co-op began with hackers impersonating employees and convincing help desks to reset passwords. The CEO of the National Cyber Security Centre (NCSC) has described these attacks as a "wake-up call to all organisations".

Co-op has taken proactive steps to manage the attack, including shutting down some of its systems to protect the organization. This decision, while disruptive in the short term, was a measure to prevent the hackers from inflicting further damage, such as deploying ransomware. The retailer is working with the NCSC and the National Crime Agency (NCA) to investigate the incident and restore normal operations.

The incident has prompted a wider discussion about cybersecurity preparedness in the retail sector. The Chair of the Business and Trade Select Committee has written to the CEOs of M&S and Co-op, seeking reassurance that the incidents are being managed effectively. Experts recommend that retailers strengthen their cyber defenses, given the increasing frequency and scale of data breaches. Some security experts say the tactics seen are similar to that of a loosely coordinated group of hackers who have been called Scattered Spider or Octo Tempest.

The Co-op has apologized to its customers and members for the disruption caused by the cyber attack. The retailer is working to minimize the impact on its services and resume normal deliveries as quickly as possible.


Writer - Anjali Kapoor
Anjali possesses a keen ability to translate technical jargon into engaging and accessible prose. She is known for her insightful analysis, clear explanations, and dedication to accuracy. Anjali is adept at researching and staying ahead of the latest trends in the ever-evolving tech landscape, making her a reliable source for readers seeking to understand the impact of technology on our world.
Advertisement

Latest Post


Infosys is strategically leveraging its "poly-AI" or hybrid AI architecture to deliver significant manpower savings, potentially up to 35%, for its clients across various industries. This approach involves seamlessly integrating various AI solutions,...
  • 426 views
  • 3 min

Indian startups have displayed significant growth in funding, securing $338 million, marking a substantial 65% year-over-year increase. This surge reflects renewed investor confidence in the Indian startup ecosystem and its potential for sustainable...
  • 225 views
  • 3 min

Cohere, a Canadian AI start-up, has reached a valuation of $6. 8 billion after securing $500 million in a recent funding round. This investment will help Cohere accelerate its agentic AI offerings. The funding round was led by Radical Ventures and In...
  • 320 views
  • 2 min

The Indian Institute of Technology Hyderabad (IIT-H) has made significant strides in autonomous vehicle technology, developing a driverless vehicle system through its Technology Innovation Hub on Autonomous Navigation (TiHAN). This initiative marks ...
  • 377 views
  • 2 min

Advertisement

About   •   Terms   •   Privacy
© 2025 TechScoop360