Cyber hackers have accessed personal data relating to a “significant number” of Co-op members, the convenience retailer has admitted.
The Co-op said that as it continued to experience “sustained malicious attempts by hackers”, it had learned they had been able to access data from one of its systems associated with current and past members.
This contained personal information such as names and contact details, but did not include members’ passwords, bank or credit card details, nor data relating to members’ and customers’ transactions, products or services with the Co-op Group, it said.
The convenience retailer said it was continuing to investigate the “highly complex situation” with the National Cyber Security Centre and National Crime Agency, and had implemented measures to prevent unauthorised access to its systems while minimising disruption to members, customers, colleagues and partners.
“We appreciate that our members have placed their trust in our Co-op when providing information to us,” said a Co-op spokeswoman. “Protecting the security of our members’ and customers’ data is a priority, and we are very sorry that this situation has arisen.”
Commenting on LinkedIn yesterday (5 May), Co-op Group CEO Shirine Khoury-Haq said: “The criminals that are perpetrating these attacks are highly sophisticated and our colleagues are working tirelessly to do three things: protect and defend our Co-op, fully understand the extend of the impact caused by the attack, and provide much-needed information to the authorities that may help them with their investigations.
“Actively managing the severity of the attack has meant shutting down some of our systems to protect the organisation. That said, our frontline colleagues are focused on minimising any disruption that might be experienced by our members and customers.
“As previously communicated, we have established that the cyber criminals were able to access a limited amount of member data. This is obviously extremely distressing for our colleagues and members, and I am very sorry this happened. We recognise the importance of data protection and take our obligations to you and our regulators seriously, particularly as a member-owned organisation.
“I appreciate you will want to know more, and I hope you will understand that in order to protect our Co-op, we are limited as to the detail we can communicate at this time. I thank you for your patience and I will be in touch as soon as possible. Thank you for your continued support.”
The Co-op first announced it had been hit by cyber hackers on 30 April after it shut down parts of its IT estate. M&S and Harrods have also been targeted by cyber attacks.
No comments yet