Cybersecurity within the UK retail sector is back in the spotlight, after a second reported cyber incident at a well known high street chain.
According to the Guardian, it has seen a letter that was send to staff at the Co-op on Tuesday, that said the mutual had “taken steps to keep systems safe” so had “pre-emptively withdrawn access to some systems for the moment”.
It comes after Marks & Spencer (M&S) continues to struggle with a cyberattack, for which it apologised last Friday and stopped taking online and app orders.
On Monday M&S instructed agency staff at its central England distribution centre near Derby to stay at home.
Partial IT shutdown
Meanwhile according to the Guardian report, the Co-op has had to shutdown part of its IT systems.
The group reportedly said the measures to protect its systems included the shutdown of some business services for teams running stores and its legal services division.
The stock monitoring system is understood to be one of those affected, the Guardian noted.
One well-placed source told the Guardian that gaps could soon appear on shelves in some areas if the problem was not resolved fairly swiftly.
Some staff would not be able to work from home from Wednesday after remote access to some systems was blocked, the same source reportedly said.
Co-op statement
The Co-op reportedly said all its stores, including rapid home deliveries, were trading as usual, as were its funeral homes.
“We have recently experienced attempts to gain unauthorised access to some of our systems,” a Co-op spokesperson was quoted by the Guardian as saying.
“As a result, we have taken proactive steps to keep our systems safe, which has resulted in a small impact to some of our back office and call centre services.
“We are working hard to reduce any disruption to our services and would like to thank our colleagues, members, partners and suppliers for their understanding during this period.”
The Co-op said it was “not asking our members or customers to do anything differently at this point”, indicating that it is does not believe customer data has been accessed. It reportedly added: “We will continue to provide updates as necessary.”
Retail attacks
The Co-op owns more than 2,000 grocery stores and over 800 funeral parlours in the UK, as well as legal and financial services businesses.
There have been a number of cyber incidents at UK retailers over the years.
Morrisons for example has experienced several cybersecurity incidents, including a data breach in 2014 and in the run-up to Christmas last year it was affected by an incident at its tech supplier Blue Yonder.
In 2021 Tesco took down its website and app after the supermarket confirmed “attempts “to interfere with our systems.”
In 2023, WH Smith was hit by an attack in which company data was accessed illegally.
In February cloud cybersecurity specialist Zscaler revealed that 60 percent of global organisations expect to experience a significant cyber failure in the next 12 months.
