Co-op Food has disclosed a cyberattack targeting its internal systems, leading to disruptions in back-office and customer support operations.
While the incident prompted precautionary security measures, all retail stores, funeral homes, and quick commerce services remain open and fully operational.
In a statement shared with our newsroom, a Co-op spokesperson confirmed that the company “recently experienced attempts to gain unauthorized access” to its systems. In response, it implemented unspecified safeguards to protect its infrastructure, which resulted in a “small impact” on certain internal services, including call center operations. The spokesperson emphasized that there is no current need for customers or members to take any action and assured the public that efforts to minimize disruption are ongoing.
Co-op is a major UK-based consumer cooperative with a significant presence in retail food, insurance, legal services, and funeral care. With over 3,700 food stores and thousands of employees, it represents a critical component of daily retail infrastructure across the United Kingdom. Its complex IT environment — spanning logistics, payments, customer engagement, and governance — presents an attractive surface for opportunistic or targeted cyberattacks.
At this stage, Co-op has not released technical specifics regarding the nature of the intrusion. It is unclear whether the incident involved data theft, ransomware deployment, or unauthorized administrative access. The organization also did not disclose whether any threat actor group has claimed responsibility. Given the company’s size and the essential nature of its services, even modest interruptions in internal systems could pose operational and reputational risks if prolonged.
The retail sector in the UK has faced mounting cybersecurity challenges in recent weeks, including several high-profile attacks targeting critical infrastructure and customer-facing platforms. Notably, Marks & Spencer continues to grapple with the aftermath of a major ransomware attack attributed to the Scattered Spider group. That breach disrupted store systems and forced the suspension of all online orders after attackers reportedly extracted Active Directory data and deployed the DragonForce ransomware encryptor to internal VMware systems.
Though there is no indication that Co-op’s incident is related or similarly severe, the timing highlights a broader and persistent threat to retail IT systems.
Co-op has promised continued transparency as the situation evolves and thanked its employees, customers, and partners for their patience during the ongoing investigation.
In the meantime, people in the UK should remain vigilant for phishing messages that may claim to be from Co-op or other retailers, especially those requesting sensitive information.
Leave a Reply