Co-op customers can expect to see stock levels on shelves returning to normal this weekend, according to the company, which has reactivated its online ordering system for suppliers following a cyber-attack.
The attack led to payment issues, significant shortages of products in stores, and the exposure of customer and employee data.
The attackers, associated with the cyber crime service DragonForce, also claim responsibility for a similar breach affecting Marks and Spencer (M&S) and an attempted attack on Harrods earlier this month.
Co-op stated that it is “gradually bringing its systems back online in a safe and controlled manner.”
Earlier this month, cyber offenders breached Co-op’s IT systems, seemingly aiming to extort funds from the grocery chain.
To mitigate the attack’s effects, the company disabled several IT systems, impacting portions of its supply chain and logistics, which caused severe delivery disruptions.
Shoppers have posted pictures of bare shelves and empty fridges, particularly in rural areas where Co-op may be the sole major grocery option.
The Co-op is optimistic that in-store and online availability will improve in the coming days as they collaborate with suppliers to replenish stock.
All payment systems, including contactless options, have been restored and are operational.
In a statement, the company expressed gratitude to “colleagues, members, partners, and suppliers for their ongoing support.”
While the retailer aims to return to business as usual, experts warn that the repercussions of the cyber attack will likely be felt for a significant time.
According to Prof Oli Buckley, a cyber security expert at Loughborough University, “The reputational impact of an attack like this can linger.” He added that while recovery efforts help, rebuilding trust is more challenging.
He also pointed out that recovery expenses and investments in security enhancements could have a “long-lasting ripple effect” on the company’s finances.
Dr Harjinder Lallie, a cyber security reader at the University of Warwick, noted that customers may become “more cautious about sharing personal and financial information.”
This incident serves as a reminder for the retail sector that as IT systems become more complex and attacks more sophisticated, “proactive investment in resilience is essential.”
In a message circulated to its suppliers this week, first reported by The Grocer, Co-op requested patience as it works to restore its systems.
The company cautioned about potential increases in “volatility” regarding order volumes.
The cyber criminals allege to possess the private data of 20 million individuals registered in Co-op’s membership scheme, though the firm has not verified this claim.
M&S admitted on Tuesday that some customer data was compromised during the hack of its systems.
Customers are still unable to place online orders with M&S, nearly three weeks after the retailer suspended them.