Shoppers across the UK are noticing growing gaps in product displays at Co-op stores, with certain items missing and others running low, especially in smaller and remote locations. The disruptions come after a Co-op cyberattack that hit Co-operative Group’s IT systems two weeks ago, causing operational challenges.
The retailer, which employs more than 50,000 people and operates over 3,000 outlets nationwide, confirmed that it took “proactive steps” in April to shut down parts of its internal systems after detecting “unauthorised access attempts.”
What was initially described as a minor disruption due to Co-op cyberattack has now grown into a serious issue, affecting store stock levels and potentially compromising customer data.
Co-op cyberattack: Systems Shut Down to Contain Threat
In a statement last month, Co-op said it had “taken proactive steps” to protect its IT infrastructure from Co-op cyberattack. This included shutting down parts of the network to stop the attackers from spreading further through their systems.
Now, with food shortages impacting day-to-day shopping, particularly for perishable goods, the company is facing pressure to restore services while also handling the data privacy concerns that followed.
Shirine Khoury-Haq, CEO of Co-op, issued a personal message to member-owners this week, acknowledging the disruption caused by the Co-op cyberattack and the impact on Co-op’s operations.
“The criminals that are perpetrating these attacks are highly sophisticated and our colleagues are working tirelessly to do three things: (1) protect and defend our Co-op, (2) fully understand the extent of the impact caused by the attack and (3) provide much needed information to the authorities that may help them with their investigations,” Khoury-Haq wrote.
“Actively managing the severity of the attack has meant shutting down some of our systems to protect the organisation,” she added.
Empty Stores and Priority Deliveries
The shutdown has disrupted Co-op’s supply chain and impacted stock delivery to stores. Supplies of fresh fruit and vegetables, canned goods, and cigarettes have been inconsistent or missing entirely in some locations. Perishable items, particularly animal products such as meat, eggs, and milk, are being prioritized for delivery. The move aligns with strict UK regulations around handling food beyond its sell-by date.
The company has implemented a temporary stock and delivery strategy to keep the store running.
A Co-op spokesperson told BBC News that the chain has introduced “a temporary contingency stock ordering and delivery process” for such lifeline locations.
Customer Data Compromised
Adding to the disruption, Co-op also confirmed that some customer data was accessed by the attackers.
We have established that the cyber criminals were able to access a limited amount of member data. This is obviously extremely distressing for our colleagues and members, and I am very sorry this happened,” Khoury-Haq wrote in her open letter.
The company did not disclose exactly what information was compromised, but emphasized that it takes data protection seriously and is cooperating with regulators.
Although further technical details remain limited, Co-op says it has directed customers to online resources for more information and is committed to transparency while managing the incident.
“I appreciate you will want to know more, and I hope you will understand that in order to protect our Co-op, we are limited as to the detail we can communicate at this time,” Khoury-Haq noted.
Scale of the Co-op Operation
In a financial update released earlier this year (April 3), the Co-op said it was making strategic investments to deal with rising operational costs and was continuing to support members, employees, and communities dealing with cost-of-living pressures. The company also saw a 22% increase in membership, reaching 6.2 million members—well on its way to its 2030 goal of 8 million.
However, the Co-op cyberattack now threatens to undercut some of that progress, both in terms of customer trust and day-to-day operations.
Not an Isolated Incident
Co-op’s cybersecurity incident is part of a concerning trend hitting UK retailers. Just days before the Co-op disclosed its breach, Harrods confirmed it too had been targeted in a cyberattack. The breach made Harrods the third major UK retailer in less than a week to report such an incident.
Earlier, Marks & Spencer also revealed a similar cybersecurity disruption, raising concerns about vulnerabilities in the country’s retail sector.
While details about the actors behind the Co-op breach remain unknown, investigations are underway with national authorities.
What’s Next?
Co-op has promised to keep its members and customers updated as more information becomes available. The company’s IT and security teams are working closely with law enforcement and third-party cybersecurity experts to assess the extent of the breach and strengthen their defenses.
For now, customers are being encouraged to shop with patience as the company works to stabilize supply chain operations and restock empty shelves. Online resources have also been made available to address any concerns related to the incident, especially around data privacy.
“Thank you for your continued support,” Khoury-Haq concluded in her letter. “Our front-line colleagues are focused on minimising any disruption that might be experienced by our members and customers.”
With more retailers joining the list of recent victims, cybersecurity is quickly becoming not just an IT concern but a frontline issue for customer service, supply chain resilience, and brand trust. For Co-op, how it navigates the next few weeks will shape public confidence in one of the UK’s most trusted consumer brands.
