Major update as supermarket relaunches IT systems after cyber attack

A supermarket has issued a major update as it prepares to relaunch its IT system after a cyber attack.

The Co-op is set to turn online orders back on from today in a boost to shoppers.

A spokesperson for the supermarket told The Sun: “Following the malicious third-party cyber-attack, we took early and decisive action to restrict access to our systems in order to protect our Co-op.

“We are now in the recovery phase and are taking steps to bring our systems gradually back online in a safe and controlled manner.”

They added that “we have switched all our orders back to the normal supply processes and systems”.

The move will see stock levels return to normal in the coming days after the retailer faced widespread shortages over the past few weeks.

There will be more items available in Food stores and online from this weekend.

The Co-op also confirmed that it is working closely with its suppliers to restock its stores.

Shoppers have seen large gaps on Co-op shelves after the retailer was targeted by cyber criminals on April 30.

Customers have complained of shortages of fresh produce, ready meals, yoghurts and confectionery.

The attack also pushed contactless card payments offline in nearly one in ten stores, which forced customers to pay with cash or enter their PINs at the till.

The Co-op has confirmed that all forms of payments including contactless, and chip and pin are now working across all of its stores.

The news comes after the retailer was forced to close part of its IT system following the attempted cyber attack.

This included restricting access to certain systems, impacting some back office functions and call centre services.

A fortnight ago the Co-op confirmed that some customers have had their private data stolen in the cyber attacks.

Personal details such as names, contact information and dates of birth of a “significant number” of customers and past members were compromised, the chain said.

But members’ passwords, credit card details and transaction information were not stolen.

Cyber criminals managed to extract the data from one of the shop’s systems, forensic investigations revealed.

The National Crime Agency and National Cyber Security Centre are investigating the breach.

The true scale of the damage only became clear after hackers contacted the BBC with evidence they had stolen customer data.

Customers were assured that the Co-op has implemented measures to “minimise disruption”.

In a statement the company said: “We appreciate that our members have placed their trust in our Co-op when providing information to us.

“Protecting the security of our members’ and customers’ data is a priority, and we are very sorry that this situation has arisen.”

What has happened at M&S?

The Coop is not the only retailer to be hit by a cyber attack.

M&S has been experiencing significant disruption after a cyber incident which has affected contactless payments, click-and-collect services and online orders.

The problems started on April 19, when customers reported that they were unable to collect purchases or return items.

On April 21 M&S acknowledged the attack and apologised for the inconvenience.

It engaged cyber security experts and notified the National Cyber Security Centre and the Information Commissioner’s Office.

The criminals suspected behind the attack are known as “Scattered Spider” and have become one of the most prolific cybergangs of the past 18 months.

They specialise in ransomware – a type of attack that is designed to steal information or access in exchange for a sum of money.

They have built a reputation for targeting large, customer-facing organisations through social engineering and identity-focused tactics.

Jamie Akhtar, CEO and Co-founder at CyberSmart, told The Sun: “This is a group known not for sheer technical sophistication, but for their ability to manipulate access, often by impersonating employees or exploiting multi-factor authentication systems.”

Despite M&S’s efforts to restore systems, disruption continued throughout the week.

The retailer was forced to suspend online and app orders on April 24.

As a result, the company’s share price tumbled by 5%.

Shoppers then began to report empty shelves in some stores as the cyber incident affected stock levels.

Customers complained they were unable to get their hands on bananas, fish and Colin the Caterpillar cakes.

When questioned, staff said the disruption was linked to the cyber attack.

Yesterday Jane Wall, the head of customer service at M&S, contacted customers to let them know what the cyber attack means for them.

She confirmed that some personal customer data has been taken but there is no evidence that it has been shared.

This data could include contact details, date of birth and online order history.

But she said it does not include usable card or payment details or account passwords.

She warned customers that they may receive emails, calls or texts fraudulently claiming to be from M&S so customers must be vigilant.

She added: “We sincerely apologise for any inconvenience caused to you and all of your customers.

“Thank you so much for shopping with us and for your support, we never take it for granted.”

Do you have a money problem that needs sorting? Get in touch by emailing [email protected].

Plus, you can join our Sun Money Chats and Tips Facebook group to share your tips and stories