Co-op Shuts Down Systems Amid Cyberattack Attempt, Disrupting Operations

04/30/2025 Security

The Co-operative Group, a major retail player in the United Kingdom, has taken precautionary measures by shutting down certain IT systems following what it describes as attempted cyber intrusions. A spokesperson for the Co-op confirmed that the company has "recently experienced attempts" by malicious actors to infiltrate its systems.

In response to these attempts, the company initiated "proactive steps" aimed at safeguarding its digital infrastructure. This has, however, resulted in some disruption to the Co-op's back-office operations and call center functionalities. At present, the extent to which these intrusion attempts were successful remains unclear.

The Co-op, which boasts a membership base of over 5 million, has assured customers that its stores are operating as usual. The company has not issued any specific instructions or requests for customers to alter their shopping habits at this time.

While the Co-op has confirmed its collaboration with the National Cyber Security Centre, it has remained tight-lipped regarding specifics of the incident. The company has not publicly disclosed whether the incident involved ransomware, whether it has identified the threat actors, or whether it has reported the incident to the Information Commissioner's Office (ICO), the UK's data protection regulator, as is legally mandated in cases of suspected data breaches.

Silence on Ransomware

Furthermore, the Co-op's spokesperson declined to comment on whether the company has engaged in any form of communication with the individuals or groups behind the cyberattack, such as ransomware gangs. This silence adds to the uncertainty surrounding the nature and severity of the cyber incident.

The news of the disruption at The Co-op surfaces shortly after Marks & Spencer, another prominent UK retailer, acknowledged a cyberattack that disrupted order fulfillment for its customers. Marks & Spencer has since notified the ICO, indicating a potential data breach. Disruption at Marks & Spencer continues and already extends to two weeks.

The incidents at both The Co-op and Marks & Spencer underscore the increasingly sophisticated and persistent nature of cyber threats targeting the retail sector. Retailers hold vast quantities of sensitive customer data, making them attractive targets for cybercriminals seeking financial gain or malicious disruption. Cyber security becomes a key component of the business.

These recent events serve as a stark reminder for all organizations to prioritize robust cybersecurity measures, including regular security audits, employee training, and incident response planning. The ability to detect, respond to, and recover from cyberattacks is becoming increasingly critical for maintaining business continuity and protecting customer data.