Co-op stores across the country have been left with empty shelves following a devastating cyber attack which stole personal data from 20million customers.
The supermarket said sustained malicious attempts by hackers to access their systems had prompted it to shut down its delivery systems.
They said this meant ‘some of our stores might not have all of their usual products available’.
Pictures from a London co-op show rows of empty shelves, with fresh fruit and vegetables unavailable to customers and stocks of sandwiches and milk in short supply.
A note on some of the fridges read: ‘Sorry, we’re having some availability issues which will be resolved shortly.’
Co-op owns more than 2,000 grocery stores around the country. It has been battling hackers since last week, admitting on Friday that personal data had been stolen from a ‘substantial’ number of customers.
A number of Co-op stores are now unable to take card payments following the cyber attack.
Customers reported on Tuesday that three stores in Manchester had signs indicating that they were ‘cash only’ as their card machines were offline.
Shelves were left empty at a Co-op in London, with fresh fruit and vegetables unavailable
Sandwiches and meal deals were in short supply for customers, with suppliers being affected by the hack
Co-op conceded that personal data such as names and contact details had been taken from its membership scheme
It is also understood that contactless payments have also been affected in a small number of stores, with the group working to get normal systems restored.
The vast majority of the retailer’s 2,300 shops are still taking usual forms of payment.
Co-op’s chief executive Shirine Khoury-Haq wrote to members on Monday, where she confirmed that a ‘limited amount’ of data had been stolen by hackers, The Telegraph reported.
She added: ‘This is obviously extremely distressing for our colleagues and members, and I am very sorry this happened.’
It follows cyber attacks on Marks & Spencer and Harrods in the past month.
M&S has now been forced to pause online sales for more than two weeks and is now facing shortages of popular products such as its lunch-time meal deals and its Colin the Caterpillar cake.
The company has also halted ordering systems, which has disrupted deliveries to its shops.
The Hackers operate under the name Dragonforce and said they infiltrated the Co-op’s IT network and stolen both customer and employee data, including contact details, in its cyberattack on Wednesday.
The group have claimed that the breach was far more serious than what the company had told the public.
The Co-op admitted that a criminal group had infiltrated the company’s IT network and stolen both customer and employee data in a cyber attack on Wednesday (file image)
Another image shows notes on the fridges, warning customers about shortages of stock
Co-op had previously claimed that the cyberattack only had a ‘small impact’ on its operations and insisted there was ‘no evidence that customer data was compromised’.
The attacks have also been linked to a criminal gang known as Scattered Spider, made up of British and American teenagers.
The hackers tricked employees into resetting their passwords, according to cyber security website BleepingComputer.
The supermarkets have seeked help from the National Cyber Security Centre and the police’s National Crime Agency.
The NCSC, an arm of GCHQ, urged retailers to review their IT helpdesk procedures on Sunday.
The blog post noted press ‘speculation’ that hackers had been ‘targeting IT helpdesks to perform password and MFA (multi-factor authentication) resets’ in an attempt to trick them into giving up access to their internal systems.
The hackers messaged Co-op’s head of cyber security in an internal Microsoft Teams chat on April 25, telling them: ‘Hello, we exfiltrated the data from your company’, the BBC reported.
The hackers say they also messaged other members of the executive committee as part of their scheme to blackmail the firm.
An expert said the hackers were likely able to bluff their way past staff because their command of the English language gave them ‘authenticity’ – a crucial asset in convincing targets to unwittingly compromise their own security.
Co-op owns more than 2,000 grocery stores around the country, many of which are now experiencing shortages
Nathaniel Jones, vice president of security and AI strategy at cyber security firm Darktrace, told The Mail on Sunday this made the scam ‘unique’.
‘Most of those sort of cyber crime gangs are sitting in Russia or Belarus,’ he said.
‘So the fact that they’re English native speakers, a number of them, that’s quite unique. I don’t know another group out there like that.’
Local stores, such as Winterton Co-op in Lincolnshire have posted messages on social media, warning customers of potential shortages.
A store spokesperson wrote: ‘Hi all just a quick update. Our deliveries are not as they should be, hence the empty shelves in store. This is due to the recent attack on co op. We’re hoping it is all resolved soon.’
A Co-op spokesman said: ‘All our stores are open and trading however, due to the sustained malicious attempts by hackers to access our systems, we have taken proactive steps to keep our systems safe, which is temporarily impacting our colleagues’ ability to perform their roles and how many deliveries we can make to our stores.
‘This means that some of our stores might not have all of their usual products available and we would like to say sorry to our members and customers if this is the case in their local store. We are working around the clock to reduce disruption and resume deliveries.
‘We would like to thank our colleagues, members, customers, and suppliers for their understanding during this time.’
