‘There’s nothing to buy’: Co-op cyberattack devastates availability

Widespread availability issues are crippling Co-op stores across the country as a result of its ongoing cyberattack.

Co-op has written to its suppliers warning them “we are currently unable to place orders until further notice”. In a communication seen by The Grocer, the retailer requests they “do not send deliveries to Co-op depots” without a direct go-ahead.

The attack had “necessitated the temporary shutdown of certain elements of our supply chain and logistics operations” Co-op said in its message.

Empty shelves

Shoppers have reported stores have been without milk or fresh produce “for days”. “Never seen our Co-op shelves so empty,” one said. “There’s nothing to buy,” said another.

The Co-op’s online offering has also been severely impacted, with widespread out-of-stock notices on non-ambient products.

The retailer has been forced to post paper notices within stores reading: “Sorry, we’re having some availability issues which will be resolved shortly.” Online, a message on the Co-op grocery website says: “Please bear with us while we fix some technical issues affecting product availability.”

As a precaution, many brands have “blocked emails and disconnected integrated systems from the Co-op” the retailer said in its communication to suppliers. However, the retailer urged “there is no change in the risk to our supply chain, which includes all EDI connections and the Supplier Portal (Co-op Connect)”.

Rural and remote stores are understood to be particularly affected by availability issues. The Telegraph first reported the retailer is now prioritising the supply of essential items to shops on islands and in isolated towns.

The Co-op told The Grocer it is ”now making deliveries to all of our stores” and ”flowing in an increased level of fresh, chilled and frozen products alongside cupboard essentials”.

“Some of our stores might not have all of their usual products available and we are sorry if this is the case for our members’ and customers in their local store. We are working around the clock to reduce disruption and are pleased we can resume delivery of stock to our shelves,” a spokesman said.

It is understood Nisa stores, which are supplied by Co-op, have not been affected.

In its message to suppliers, Co-op said Co-op Wholesale depots in Livingston, Stoke, Harlow, and Scunthorpe “are still operating as normal”.

Nisa stores have acted to reassure customers about availability. Nisa Local Dallam in Warrington told customers this week: “Our ordering system is running independently and continues to operate without disruption. Additionally, our distribution network remains fully functional.”

Co-op first revealed it had shut down parts of its IT estate, having “recently experienced attempts to gain unauthorised access to some of our systems”, last week. At the time it said the damage was limited to “a small impact to some of our back office and call centre services”.

Days later, as it experienced “sustained malicious attempts by hackers”, the retailer said the hackers had been able to access data from one of its systems associated with current and past members.

On Monday, Co-op Group CEO Shirine Khoury-Haq issued a communication to customers that the attackers had been “able to access a limited amount of member data” which was “obviously extremely distressing for our colleagues and members”. A guide on the Co-op website says the accessed data includes member names, residential addresses, email addresses, phone numbers and dates of birth, but not passwords or bank or credit card details.

The attack earlier this week also knocked contactless card payments offline at nearly one in 10 stores, forcing customers to use cash or enter their PIN numbers.

Co-op’s struggle comes amid a spate of cyberattacks on UK retailers, among them M&S and Harrods.

Technology publication BleepingComputer, citing multiple sources, reported both the M&S and Co-op attacks started with hackers impersonating employees and convincing help desks to reset passwords so they could gain access to the network.

The CEO of the National Cyber Security Centre – which is investigating the “complex and ongoing situation” with the National Crime Agency – Richard Horne this week said the spate of attacks “should act as a wake-up call to all organisations”.

The Information Commissioner’s Office (ICO) earlier this week issued an alert to consumers to use strong passwords and regularly check for updates from impacted retailers and follow their advice “if they confirm that your personal information has been impacted by a cyberattack”.