Latest news with #Co-opGroup
Tom's Guide
18-07-2025
- Business
- Tom's Guide
Co-op cyberattack exposes personal data of all 6.5 million members — what to do next
The cyberattack at the Co-op Group is now confirmed to have involved the personal data of all 6.5 million members. As reported by Cybernews, Shirine Khoury-Haq, CEO, gave an interview on the BBC this week expressing her regret over the events and confirming the details. The hackers, believed to be members of the Scattered Spider group, managed to copy the member list which included personal details such as full names, home addresses, email addresses, phone numbers and birth dates. Fortunately, as Co-op had previously invested in detection systems that alerted it to the unusual behavior within a few hours, the group was able to shut down parts of its system within hours of the breach keeping the attackers from deploying the DragonForce ransomware. This means that no financial data, purchase history or transaction data was taken and that the hackers were unable to fulfill their goal of using the ransomware attack to blackmail the group. It also means that the attackers were unable to erase what they did, and their code was sent back to authorities resulting in arrests being made. The attack on Co-op occurred in April, just days after the attack on M&S and is believed to be part of a broader campaign that also resulted in a cyberattack targeting Harrods. The Scattered Spider group uses deception tactics to trick IT helpdesk employees into giving its hackers access to a network; the attacks often result in empty grocery store shelves or other businesses reverting back to paper based systems in order to continue operations. The Information Commissioner's Office, the UK's data protection watchdog has said that anyone concerned about their personal data should visit its website for information and support. Get instant access to breaking news, the hottest reviews, great deals and helpful tips. Additionally, Co-op members should be on alert for any signs of phishing attacks since threat actors will be looking for vulnerable targets using this stolen data. So be on alert for signs of phishing scams and social engineering attacks so you can avoid falling victim to them. Hackers will often leverage all the information they have on a potential target in order to try and trick you into clicking on a malicious link or downloading a malicious app or other software that appears legitimate but actually contains viruses. Likewise, never click on unexpected links, QR codes or attachments or links from unknown senders. Verify through independent means if someone contacts you asking you to download or click on something. Likewise, don't share personal information with people you don't know online, and clear out any old emails that may contain personal details and information. If you don't already have one of the best antivirus software solutions installed on your devices, make sure you get one. They have multiple features that can help protect you when you go online from VPNs and website alerts to identity monitoring and phishing protection.
Fashion Network
10-07-2025
- Business
- Fashion Network
UK police arrest four over cyberattacks on Marks & Spencer, Co-op and Harrods
Four people under the age of 21 have been arrested as part of a police investigation into cyberattacks that disrupted the operations of UK retailers Marks & Spencer, the Co-op Group and Harrods, Britain's National Crime Agency said on Thursday. April's ransomware attack on Marks & Spencer, one of the most recognized names in British retail, was the most severe—forcing the company to suspend online clothing sales for nearly seven weeks and costing it approximately £300 million ($400 million) in operating profit. The NCA said three males—two aged 19 and one aged 17—and a 20-year-old woman were detained in the West Midlands and London on suspicion of offenses under the Computer Misuse Act, as well as blackmail, money laundering and involvement in organized crime. All four were arrested at their homes, had their electronic devices seized and were being questioned by the NCA's National Cyber Crime Unit. On Tuesday, Marks & Spencer Chairman Archie Norman told lawmakers that the retailer had also contacted the U.S. FBI regarding the cyberattack. He said that 'loosely aligned parties' appeared to have coordinated their actions under the suspected leadership of a group known as DragonForce. Norman urged that British businesses should be legally required to report material cyberattacks, noting that two recent major attacks on large UK companies had gone unreported. Marks & Spencer resumed online clothing orders on June 10 following a 46-day suspension, although click-and-collect services have not yet been restored. Last week, CEO Stuart Machin told investors that the group expects to move past the worst of the disruption by August.
Fashion Network
10-07-2025
- Business
- Fashion Network
UK police arrest four over cyberattacks on Marks & Spencer, Co-op and Harrods
Four people under the age of 21 have been arrested as part of a police investigation into cyberattacks that disrupted the operations of UK retailers Marks & Spencer, the Co-op Group and Harrods, Britain's National Crime Agency said on Thursday. April's ransomware attack on Marks & Spencer, one of the most recognized names in British retail, was the most severe—forcing the company to suspend online clothing sales for nearly seven weeks and costing it approximately £300 million ($400 million) in operating profit. The NCA said three males—two aged 19 and one aged 17—and a 20-year-old woman were detained in the West Midlands and London on suspicion of offenses under the Computer Misuse Act, as well as blackmail, money laundering and involvement in organized crime. All four were arrested at their homes, had their electronic devices seized and were being questioned by the NCA's National Cyber Crime Unit. On Tuesday, Marks & Spencer Chairman Archie Norman told lawmakers that the retailer had also contacted the U.S. FBI regarding the cyberattack. He said that 'loosely aligned parties' appeared to have coordinated their actions under the suspected leadership of a group known as DragonForce. Norman urged that British businesses should be legally required to report material cyberattacks, noting that two recent major attacks on large UK companies had gone unreported. Marks & Spencer resumed online clothing orders on June 10 following a 46-day suspension, although click-and-collect services have not yet been restored. Last week, CEO Stuart Machin told investors that the group expects to move past the worst of the disruption by August. © Thomson Reuters 2025 All rights reserved.
Yahoo
24-06-2025
- Business
- Yahoo
Co-op to cease trade with countries identified with human rights abuses
British cooperative group Co-op has decided to terminate trade relations with nations identified with widespread human rights abuses and violations of international law. Co-op members have been consistently highlighting conflict as a major concern through feedback and resolutions in recent years. Heeding this strong message from its members, the Co-op board conducted a review on how the Co-op could contribute to peace. This resulted in the initiation of the campaign: "Hate Divides Communities, Co-operation Builds Them." The review further led to the formulation of a sourcing policy that reflects traditional co-operative values, with a focus on human rights and legal compliance to foster fair trade and support peaceful initiatives. The retailer established three criteria for ceasing sourcing from certain countries: consensus among respected assessments such as those from the UN regarding persistent human rights abuses or international law violations, the potential for Co-op's actions to make a meaningful difference and reduce suffering, and ensuring such actions do not compromise Co-op's commercial success or its adherence to co-operative principles. Efforts will therefore be made to exclude ingredients in Co-op branded products or sell products from 17 identified countries of concern. The list includes specific products exclusively sourced from their origin countries, such as Russian vodka, Malian mangoes and Israeli carrots. These items will be gradually removed from Co-op stores and products from June 2025. Co-op Group board chair Debbie White stated: 'This policy, which has been developed over the past year as a part of our Hate Divides Communities, Co-operation Builds Them campaign, is a clear demonstration of our co-operative values in action, where the voices of our members have been listened to and then acted upon. 'We are committed, where we can, to removing products and ingredients from our shelves which are sourced from those countries where the international consensus demonstrates there is not alignment with what happens in those countries and our co-operative values and principles. The decision, endorsed by the Co-op Group board, aligns with the commencement of Co-ops Fortnight, to be held from 23 June to 6 July in the UK. "Co-op to cease trade with countries identified with human rights abuses" was originally created and published by Retail Insight Network, a GlobalData owned brand. The information on this site has been included in good faith for general informational purposes only. It is not intended to amount to advice on which you should rely, and we give no representation, warranty or guarantee, whether express or implied as to its accuracy or completeness. You must obtain professional or specialist advice before taking, or refraining from, any action on the basis of the content on our site. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
RTÉ News
10-06-2025
- Business
- RTÉ News
M&S resumes UK online orders following cyber attack
British retailer Marks &Spencer resumed taking online orders in the UK for some clothing lines today after a 46-day hiatus following a damaging cyber attack. Online orders on the Irish site remain paused. The 141-year old M&S, one of the best known names in British business, said on its website "select fashion ranges now available to buy online". M&S stopped taking clothing and home orders through its website and app on April 25 following problems with contactless pay and click and collect services over the Easter holidayweekend. It first disclosed it had been managing a "cyber incident"on April 22. M&S said last month it expected online disruption tocontinue into July and forecast the attack would cost it about 300 million pounds ($404 million) in lost operating profit in its 2025/26 financial year, though it hopes to halve the impact through insurance and cost control. The disruption to systems also affected M&S' ability to get food and clothing into stores, which meant it lost out on demand boosted by warm and sunny weather. Analysts have predicted the end of season clothing sale will be larger than normal and with deeper discounts. Taking account of Tuesday's rise, M&S shares are down 9.5% since it disclosed the attack. M&S said hackers broke into its systems by trickingemployees at a third-party contractor, skirting its digital defences to launch a cyber attack. The group has said it will use the crisis to accelerate improvements to its technology. In recent weeks, several other major retailers across the globe have disclosed cyber incidents, including UK grocer the Co-op Group, German sportswear group Adidas, luxury jeweller Cartier and US lingerie company Victoria's Secret
