Co-op shuts down systems after sophisticated cyber attack

The chief executive of retailer the Co-operative Group has updated its 6.2 million members with an admission that the business faces “significant disruption” and that the “highly sophisticated” criminals behind a cyber attack have accessed details about individual members. 

In a statement last night Shirine Khoury-Haq said: “As you may be aware, we are currently experiencing significant disruption following a cyber-attack on our Co-op. As a Member-Owner of our Co-op, we want to be open with you about where we find ourselves right now, so I am writing to you personally to give as clear a picture as I am currently able to provide.”

Shoppers entering Co-op stores yesterday (6 May 2025) were greeted with signs apologising for stock shortages and for a while contactless contactless payment systems were disabled in 200 stores. 

This was a direct consequence of the attack.

She said Co-op staff were “actively managing” the severe attack, which has meant “shutting down some of our systems to protect the organisation.”

She added: “As previously communicated, we have established that the cyber criminals were able to access a limited amount of member data. This is obviously extremely distressing for our colleagues and members, and I am very sorry this happened. We recognise the importance of data protection and take our obligations to you and our regulators seriously, particularly as a member-owned organisation.”

A hacking group based in the UK calling itself Scattered Spider have claimed responsibility, and detectives from the National Crime Agency are investigating the attack.