Co-op supply chain in crisis as cyberattack impacts stores nationwide

Co-op supermarkets across the UK are grappling with severe product shortages following a large-scale cyberattack that has disrupted its supply chain. The attack targeted critical ordering and logistics systems, leaving shelves noticeably bare, particularly of fruit and vegetables. Effects of the attack have been confirmed at 2,500 stores, with some areas experiencing worse shortages than others.

In response to the breach, Co-op temporarily took several of its systems offline, an action that has hindered its ability to manage stock levels and fulfil deliveries. The retailer has prioritised routing limited supplies to remote areas where its stores serve as the primary source of groceries. However, deliveries remain approximately 20 per cent lower than usual, and it may take until June for services to fully stabilise, according to company insiders.

Co-op’s wholesale partners, including Nisa and Costcutter, have also felt the strain of disrupted supply chains. Stores in the Channel Islands, among the worst hit, are working to source alternative goods through local and international suppliers to mitigate shortages. Co-op Channel Islands CEO Mark Cox has stated that recovery efforts are ongoing, with improvements expected on a daily basis.

This incident is not isolated as other major UK retailers have also suffered similar attacks. Marks & Spencer (M&S) disclosed that a recent hack resulted in customer data being accessed. While M&S clarified that credit card details and passwords remained secure, the breach has significantly hampered its business. The attack caused the suspension of online orders and impacted stock availability in various stores. Customers have been required to reset their passwords as part of enhanced security measures.

Both the Co-op and M&S breaches have been attributed to a group of hackers linked to the Scattered Spider network. The group appears to work in collaboration with DragonForce, a malware operation stemming from Malaysia. The hacking spree has highlighted the vulnerability of UK businesses to sophisticated social engineering tactics and ransomware attacks.

The National Cyber Security Centre and the National Crime Agency have launched investigations into the attacks. As recovery efforts continue, the financial impact on both Co-op and M&S is expected to be significant, underlining the increasing threats faced by businesses in an interconnected digital landscape.