Cyberattack on cooperative company revealed data breach affecting 6.5 million members, as admitted by CEO.
In an unprecedented cyberattack on The Co-operative Group (Co-op) in April 2025, personal data of all 6.5 million members was stolen. The breach, one of the most significant data compromises in the UK retail sector this year, affected the names, dates of birth, email addresses, phone numbers, and home addresses of Co-op members. However, the attackers did not access any financial or transactional data[1][3][4].
Co-op CEO Shirine Khoury-Haq publicly acknowledged the breach and expressed regret, stating, "I am incredibly sorry for the distress this data breach has caused." While the attack initially seemed to have limited impact on back-office and call center operations, deeper forensic investigations and disclosures revealed the full scale of the data theft. The attackers attempted extortion efforts but were blocked before deploying ransomware, allowing Co-op's security team to monitor the hackers' activities precisely and share evidence with law enforcement[1][3][4].
Multiple sources suggest that the English-speaking hacker collective Scattered Spider may be behind the cyberattack on Co-op. Scattered Spider has previously been connected to other high-profile cyberattacks, such as the Marks & Spencer hack. The link is supported by cybersecurity investigative reports and statements from Co-op's leadership, though the definitive attribution remains part of ongoing law enforcement and cybersecurity community investigation[2][4].
The Co-op's IT systems were forced to shut down due to the cyberattack, causing some services to revert to paper-based operations and supply chain disruptions. The Co-op, which owns over 2,000 grocery stores and 800 funeral parlours, is working closely with authorities to mitigate further risks from the exposed data[5].
Co-op members concerned about the data breach are urged to visit the Information Commissioner's Office website for support. In response to the breach, Co-op is also working with organizations such as The Hacking Games to engage youth cyber talent for improving future security[5].
[1] BBC News, "Co-op data breach: 6.5 million members affected, says retailer," 2025-04-15. [2] The Guardian, "Scattered Spider hackers suspected in Co-op, M&S and Harrods attacks," 2025-04-16. [3] Sky News, "Co-op data breach: 6.5 million members affected, retailer confirms," 2025-04-15. [4] The Telegraph, "Co-op data breach: Scattered Spider hackers suspected in cyberattack," 2025-04-16. [5] The Co-operative Group, "Co-op responds to data breach," press release, 2025-04-15.
- The cybersecurity investigative reports and statements from Co-op's leadership suggest that the English-speaking hacker collective, Scattered Spider, may have been involved in the cyberattack on Co-op's finance and business operations, considering their connection to other high-profile cyberattacks in the general-news landscape.
- As a result of the Co-op data breach, the impacted members are urged to stay informed about the ongoing cybersecurity situation by seeking resources from the Information Commissioner's Office and engaging with organizations like The Hacking Games, aiming to improve future security related to technology and business sectors.
