Share this article on:
Powered by MOMENTUMMEDIA
Breaking news and updates daily.
Despite its stores lacking products on shelves, UK retailer Co-op has begun the recovery process following the cyber attack it suffered last week – with payment systems now reportedly restored.
A number of stores were only receiving cash payments due to online payment systems being disabled in the aftermath of the cyber attack. However, Co-op said this has now been resolved.
However, the payment issues don’t seem to be the biggest problem facing Co-op customers – it’s empty shelves.
One customer reaching out to Co-op on X asked why stores were empty and why the store had not received an order for “about a week”, to which Co-op said it was experiencing technical issues.
“Your store may be experiencing some product availability issues, please bear with us while we work hard on fixing some technical problems we are experiencing,” said Co-op spokesperson Mel.
“We are continuing to serve our members and customers to the best of our ability, and we are sorry if this means you might not be able to buy some of your usual products from us.
“Thank you so much for your support.”
Your store may be experiencing some product availability issues, please bear with us while we work hard on fixing some technical problems we are experiencing.
— Co-op (@coopuk) May 6, 2025
We are continuing to serve our members and customers to the best of our ability, and we are sorry if this means you…
Additionally, Co-op confirmed earlier this month that customer data was accessed and exfiltrated by threat actors.
“As a result of ongoing forensic investigations, we now know that the hackers were able to access and extract data from one of our systems,” said the retailer.
“The accessed data included information relating to a significant number of our current and past members.”
“This data includes Co-op Group members’ personal data, such as names and contact details, and did not include members’ passwords, bank or credit card details, transactions or information relating to any members’ or customers’ products or services with the Co-op Group.”
While Co-op has not named a threat actor behind the incident, the hack was claimed by the DragonForce ransomware gang.
According to the threat actors, the data of 20 million Co-op membership rewards customers was exfiltrated. They also claimed to have contacted Co-op executives, including the head of cyber security on Microsoft Teams.
DragonForce’s claim also lines up with previous claims made regarding two other major UK retailers that were breached in recent weeks.
According to an investigation by Marks & Spencer (M&S), which was breached last month, Microsoft, CrowdStrike, and Fenix24, threat actor Scattered Spider was behind the M&S incident.
Scattered Spider, or Octo Tempest as Microsoft calls them, is a hacking group largely made of teenagers and young adults believed to be based in the UK and the US. The group reportedly deployed the DragonForce ransomware in the M&S attack.
The DragonForce ransomware gang is believed to be working with English-speaking threat actors with tactics in line with Scattered Spider.
Additionally, DragonForce also claimed the cyber attack on UK retailer Harrods.
Be the first to hear the latest developments in the cyber industry.