Co-op, the UK retail giant that was hacked at the end of last month, is set to recover much faster than the other two hacked UK retailers thanks to quick action that prevented it from suffering from ransomware.
While Marks & Spencer (M&S), which suffered a cyber attack last month, is still dealing with operational issues caused by system outages, Co-op is set to restore stock to its shelves this week following the restoration of its supplier online ordering system.
“Our amazing colleagues have been working day and night to protect our systems and get our operations back on track, and we can confirm that we are now in a much stronger position,” wrote Co-op CEO Shirine Khoury-Haq in the company’s latest update.
“Our stores are now receiving regular deliveries, so you can expect to find more of the products you need in your local store from this weekend.”
So what sets Co-op apart from the two other victims? The democratically owned retailer took its systems offline before the threat actors could launch ransomware on them, which would have encrypted its files and locked the company out of them.
However, Co-op hasn’t escaped the cyber attack scot-free. While its early action mitigated much of the damage, it did confirm that threat actors successfully exfiltrated personal data from its systems.
“As a result of ongoing forensic investigations, we now know that the hackers were able to access and extract data from one of our systems,” said the retailer in a statement to BleepingComputer.
“The accessed data included information relating to a significant number of our current and past members.”
“This data includes Co-op Group members’ personal data, such as names and contact details, and did not include members’ passwords, bank or credit card details, transactions or information relating to any members’ or customers’ products or services with the Co-op Group.”
M&S, which is still dealing with outages and facing weekly costs of an estimated £43 million, also confirmed that data was affected in the cyber attack.
“As we continue to manage the current cyber incident, we have written to customers to let them know that unfortunately the nature of the incident means some personal customer data has been taken,” said M&S.
Strangely, the retailer continues to instruct its customers that they don’t have to take any action, when they should keep an eye out for scams using their personal details.
“Importantly, there is no evidence that this data has been shared, and it does not include usable card or payment details, or account passwords, so there is no need for customers to take any action,” M&S said.
While any link to the current cyber incident is unconfirmed, one M&S customer said last month that scammers contacted them claiming to be from M&S and used the last four digits of the customer's credit card number to verify their identity, which may suggest that some card information was leaked.
“Yesterday I received a NoCallerID who wanted to scam me using my name and last 4 digits of my credit card. I hung up and wasn’t scammed. However, I tried to return an online order to M&S and their staff said systems were down. Now there’s an admission of a cyber attack,” said the customer in a post on X.
“It transpires the card I paid M&S with is the one the scammers used against me. The scammer wanted access to my phone and wanted me to read a 6 digit code back to him. This would have given him access to all info on my phone. I hung up and called my bank myself. Be alert!”
M&S may have concluded that partial card information is not “usable”.
The retailer has, however, forced a password reset and provided guides on how to stay safe when on the web.
“To give customers extra peace of mind, they will be prompted to reset their password the next time they visit or log onto their M&S.com account on our website or app, and we have shared information on how to stay safe online,” said M&S.