Co-op is urgently diverting stock to remote stores to ensure customers aren’t left facing empty shelves and food shortages, as it continues to battle disruption from a cyber attack. With customers across Scotland reporting product availability issues, Co-op is re-routing inventory to rural and island locations where it is the main retailer serving remote communities.

Stock systems remain scrambled after cyber incident

Grocery Gazette reported that the product availability issues were due to technical difficulties with the retailer’s Electronic Data Interchange (EDI) system, which had scrambled stock management and deliveries. It also reported that Co-op suppliers have been asked to cancel deliveries to the retailer’s warehouses in the past few days as it grapples with ongoing disruption to IT systems following the cyber incident.

It is also understood that contactless payments have been affected in a small number of stores, with the group working to get normal systems restored.

DragonForce claims responsibility warning impact is ‘more serious’ than previously reported

Cyber crime group, DragonForce, has claimed responsibility for the attack on Co-op. Its ransomware has also been linked to recent cyber incidents at M&S and an attempted hack on Harrods.

DragonForce cyber criminals told the BBC that the Co-op attack was far more serious than the retailer had previously admitted. Co-op CEO, Shirine Khoury-Haq, has previously said a “limited amount of data” had been breached in a letter to its members, however DragonForce claims to have private information of ~20million Co-op customers.

Spate of cyber attacks should act as a wake-up call for retailers says NCSC

The National Cyber Security Centre (NCSC) and National Crime Agency (NCA) are currently investigating the cyber attack, in which a fake IT helpdesk call to a Co-op staff member is believed to have allowed the hackers to gain access.

“The disruption caused by the recent incidents impacting the retail sector are naturally a cause for concern to those businesses affected, their customers and the public,” Dr Richard Horne, CEO of the NCSC, said.

He said the recent cyber crime incidents should act a “wake-up call” to retailers, and urged retail leaders to “ensure they have appropriate measures in place to help prevent attacks and respond and recover effectively.”

Data from Cisco revealed that currently only 4% of UK firms are fully prepared to defend against complex cyber threats, with 83% experiencing with a shortage of skilled cybersecurity professionals. “Retailers are prime targets because of the volume of identity and payment data they hold,” Xavier Sheikrojan, Senior Risk Intelligence Manager at Signifyd, said.