UK-based supermarket chain Co-op has shut down parts of its IT system after it detected hackers trying to break into its network. Details about whether the attack was successful or not are lacking, but the attempt did disrupt its back office and call center services.
A Co-op spokesperson confirmed the attempt to BleepingComptuer. The spokesperson added that the company has taken “proactive steps to keep our systems safe,” including shutting down parts of its network. Aside from the aforementioned disruptions, all 3,700 branches across the UK are operating as usual. It’s quick commerce, and funeral home outlets are also operating as normal.
No details about the attack type, vector, or the attacker have been shared yet. No major threat actors have claimed the attack at the time of writing and Candid.Technology did not see any mention of stolen data related to Co-op on underground hacker forums.
Co-op’s scrape with digital threats has been far more forgiving, though. Another popular UK-based retail chain, Marks & Spencer (M&S), suffered a cyberattack, causing significantly more damage recently. The chain had to suspend all orders, reportedly affecting its financial performance. This was a ransomware attack that infected the chain’s systems with DragonForce ransomware and came from “Scattered Spider.”
There’s a good chance that what Co-op experienced was an attempt at a ransomware attack. Retail chains make good targets for ransomware groups, which are often financially motivated. Customer data held by retail chains can include payment information, digital identities, addresses, and other personally identifiable information (PII) that can be used to carry out identity theft or financial fraud. Even if the targeted company refuses to pay ransom, the threat actors can sell the data off on cybercrime forums to the highest bidder and make money.
In the News: Indian government directed to block Proton Mail
