The Co-op has now publicly acknowledged that it was the target of a cyber attack. On Wednesday, they announced that hackers stole sensitive data from hundreds of current and former members of the organization. This incident should be very alarming to anyone about data safety. Operating more than 2,500 supermarkets and 800 funeral homes, and a leading insurance business, the Co-op employs around 70,000 people throughout the United Kingdom.
In other news Co-op disclosed that hackers had apparently breached data on its vast new member reward program. This breach is alleged to impact 20 million people. Yet this number has not been independently confirmed by the company. Such a move comes amid heightened concern with cyber security in the retail industry. UK government officials are emphasizing that it is crucial to prioritize protection of digital infrastructures.
Approximately a week prior to the public announcement, Co-op’s head of security engaged in a conversation with the hackers, who stated, “Hello, we exfiltrated the data from your company.” This letter included a strong joint message about the need for companies to implement stronger cyber security measures. Co-op shared an anonymised sample of 10,000 customers’ data with BBC News. This brazen gamble contained sensitive information such as membership card numbers, names, home addresses, emails, and phone numbers.
As a protective measure in the aftermath of the breach, Co-op has since instituted new protocol for its employees. Workers have already been told to remain on camera for all Teams meetings and banned from recording or transcribing calls. Additionally, they are required to verify the authenticity of all participants in these communications to mitigate the risk of further breaches.
“We’re putting UK retailers on the Blacklist.” – Co-op hackers
Hackers in this attack are members of DragonForce, one of the most feared ransomware organizations. They have been consistently attacking a number of retailers all over the UK. The attack on Co-op serves as another reminder that cybercriminals are an ever-present threat. We need the same vigilance in the digital age.
Pat McFadden, the UK government’s Minister of State for E-Commerce, recently called upon retailers to make cyber security job one. He emphasized that “in a world where the cybercriminals targeting us are relentless in their pursuit of profit – with attempts being made every hour of every day – companies must treat cyber security as an absolute priority.” McFadden noted the direct impact of such attacks on everyday life, stating, “We’ve watched in real-time the disruption these attacks have caused – including to working families going about their everyday lives.”
“It serves as a powerful reminder that just as you would never leave your car or your house unlocked on your way to work. We have to treat our digital shop fronts the same way.” – Pat McFadden
Co-op is in ongoing efforts to remedy the fallout from this breach. So it’s critically important that the company, and especially its brick-and-mortar retail counterparts—easy targets for cyber criminals—make their cyber defenses much harder to crack. The priority cybersecurity incident on the arc highlights a significant need for a holistic, collaborative approach to cybersecurity. Through information sharing and operational collaboration, industry organizations can better empower consumers to navigate a safer transportation environment.
Co-op’s dedication to bridging these gaps will be key in regaining consumer confidence. They’re doing everything they can to address what happened and strengthen their security protocols. Everyone from industry to environmental advocates is looking to see how successfully they rise to meet this urgent challenge.