Co-op apologises after hackers access members’ personal data

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it’s investigating the financials of Elon Musk’s pro-Trump PAC or producing our latest documentary, ‘The A Word’, which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

The Co-op has apologised after hackers accessed and extracted members’ personal data such as names and contact details.

The retail firm said on Friday it is experiencing “sustained malicious attempts” to access its systems, having already shut off parts of its IT systems earlier this week.

It comes after fellow retailers Harrods and Marks & Spencer were also hit with cyber attacks, with the latter continuing to deal with the fallout of a ransomware attack which has left the business unable to process online orders since last Friday.

The National Crime Agency (NCA) said it is investigating the attacks individually but are “mindful they may be linked”.

A Co-op spokesperson said: “As a result of ongoing forensic investigations, we now know that the hackers were able to access and extract data from one of our systems.

“The accessed data included information relating to a significant number of our current and past members.

“This data includes Co-op Group members’ personal data such as names and contact details, and did not include members’ passwords, bank or credit card details, transactions or information relating to any members’ or customers’ products or services with the Co-op Group.

“We have implemented measures to ensure that we prevent unauthorised access to our systems whilst minimising disruption for our members, customers, colleagues and partners.

“We appreciate that our members have placed their trust in our Co-op when providing information to us. Protecting the security of our members’ and customers’ data is a priority, and we are very sorry that this situation has arisen.”

The business said its back office and call centre services have been affected but Co-op’s more than 2,000 grocery stores and 800 funeral parlours across the UK are trading as usual.

A National Crime Agency spokesperson said: “We are aware of the recent cyber incidents affecting the retail sector and are working closely with our law enforcement partners to investigate.

“We are considering the incidents individually, however, we are mindful they may be linked and therefore this will remain under review.”