Co-op shuts down systems after sophisticated cyber attack

The chief executive of retailer the Co-operative Group has updated its 6.2 million members with an admission that the business faces “significant disruption” and that the “highly sophisticated” criminals behind a cyber attack have accessed details about individual members. 

In a statement last night Shirine Khoury-Haq said: “As you may be aware, we are currently experiencing significant disruption following a cyber-attack on our Co-op. As a Member-Owner of our Co-op, we want to be open with you about where we find ourselves right now, so I am writing to you personally to give as clear a picture as I am currently able to provide.”

Shoppers entering Co-op stores yesterday (6 May 2025) were greeted with signs apologising for stock shortages and for a while contactless contactless payment systems were disabled in 200 stores. 

This was a direct consequence of the attack.

She said Co-op staff were “actively managing” the severe attack, which has meant “shutting down some of our systems to protect the organisation.”

She added: “As previously communicated, we have established that the cyber criminals were able to access a limited amount of member data. This is obviously extremely distressing for our colleagues and members, and I am very sorry this happened. We recognise the importance of data protection and take our obligations to you and our regulators seriously, particularly as a member-owned organisation.”

A hacking group based in the UK calling itself Scattered Spider have claimed responsibility, and detectives from the National Crime Agency are investigating the attack.

Cabinet Office minister Pat McFadden will tell the CyberUK conference in Manchester today (7 May 2025) that such cyber attacks “should serve as a wake-up call for businesses and organisations up and down the U.K.”