Co-op Shuts Down Parts of IT System Following Attempted Cyberattack​

​

The Co-operative Group (Co-op) has proactively shut down sections of its IT infrastructure after detecting an attempted cyberattack, just days after a similar incident disrupted operations at Marks & Spencer (M&S).​

In a communication to staff, Co-op confirmed that it had “taken steps to keep systems safe” by preemptively withdrawing access to certain systems. This precautionary measure has impacted some back-office and call centre services, including virtual desktops and stock management operations. Despite these disruptions, all Co-op grocery stores, funeral homes, and delivery services continue to operate normally. ​

A Co-op spokesperson stated: “We have recently experienced attempts to gain unauthorised access to some of our systems. As a result, we have taken proactive steps to keep our systems safe, which has resulted in a small impact to some of our back office and call centre services.” ​

The company emphasized that there is no evidence customer data has been compromised and that customers do not need to take any action at this time.​

This incident follows a significant cyberattack on M&S, which led to the suspension of online orders and disruptions in contactless payments and click-and-collect services. The hacking group “Scattered Spider” has been linked to the M&S attack. ​

While Co-op has not confirmed any connection between the two incidents, the proximity of the attacks has raised concerns about the cybersecurity resilience of major UK retailers.​

Co-op has assured stakeholders that it is working diligently to minimize service disruptions and will provide updates as necessary.​