.png)
6 hours ago
3
The Co-op was forced to scramble to fix a problem with contactless payments at dozens of its stores on Tuesday, as it grapples with the fallout from a cyber-attack which has left gaps on shelves.
The food retailer said that up to 200 of its 2,300 stores across the UK had been affected by an issue with its contactless payment systems on Tuesday morning but said the problem had been fixed in all stores by mid-afternoon.
A spokesperson for the Co-op said it had had “a small number of stores with contactless payment issues” earlier on Tuesday, but contactless payment was now available again in all of its shops.
The spokesperson said deliveries of some goods to stores had also been affected as the group had been forced to shutdown some systems as part of its efforts to contain the attack.
The Guardian revealed last Wednesday that the Co-op had been forced to shut down parts of its IT system after discovering an attempted hack, days after rival Marks & Spencer faced a serious cyber-incident.
On Thursday, it emerged that luxury department store Harrods had also been attacked. Its stores and website are continuing to trade.
The Co-op, which runs more than 800 funeral parlours and offers legal and financial services as well as its chain of grocery stores, said hackers had been able to access personal data including names and contact details relating to an undisclosed number of the mutual’s current and past members – of which there are more than 6.2 million. Passwords and financial details were not accessed.
In a letter to customers, Shirine Khoury-Haq, the chief executive of the Co-op, said the group was “experiencing significant disruption”.
She added: “Our frontline colleagues are focused on minimising any disruption that might be experienced by our members and customers.”
M&S is now facing its third week of disruption, with its website closed and deliveries to stores affected. Over the weekend, some outlets were unable to offer meal deals as they run short of key items such as crisps and biscuits amid on-going problems with deliveries and stock systems. It is understood that M&S customer data has not been accessed.
after newsletter promotion
Both the Co-op and M&S attacks have been blamed on hackers using tactics commonly linked to the hacking group Scattered Spider and other similar and possibly linked associates such as Lapsus$ who frequent the same Telegram channels and hacking forums, the trade journal Bleeping Computer reported.
The National Cyber Security Centre said it was working with M&S and the Co-op to understand the nature of both incidents, and is expected to examine any potential links.
The Metropolitan police confirmed last week that detectives from its cybercrime unit, assisted by colleagues from the National Crime Agency (NCA), were investigating the attack on M&S. The NCA is also investigating the Co-op hack.
