Código HTML do Conteúdo

Post: Co-op says it lost $107 million after Scattered Spider attack - Against Invaders - Notícias de CyberSecurity para humanos.

<div> <div> <p>The Co-operative Group in the U.K. released its interim financial results report for the first half of 2025 with a massive loss in operating profit of &pound;80 million ($107 million) due to the cyberattack it suffered last April.</p> <p>The impact is analyzed into two categories, namely &pound;20 million in one-off incremental costs and &pound;60 million from lost sales while systems were offline.</p> <p>The cybersecurity incident also caused a reduction in revenue of &pound;206 million ($277 million). Co-op statesthat it expects another &pound;20 million in losses for the second half of the year, as recovery will continue.</p> <p>Co-op is a large UK member-owned co-operative group active in food retail, life services, and business-to-business services. It operates 2,300 food retail stores and 59 franchise stores.</p> <p>In late April 2025, the group <a href="https://www.bleepingcomputer.com/news/security/uk-retailer-co-op-shuts-down-some-it-systems-after-hack-attempt/" rel="nofollow noopener" target="_blank">shut down parts of its IT systems</a> after detecting hacking attacks, causing limited disruption to back-office and call-center services.</p> <p>A couple of days later, Co-op confirmed that it had been targeted by hackers linked to the <a href="https://www.bleepingcomputer.com/news/security/co-op-confirms-data-theft-after-dragonforce-ransomware-claims-attack/" rel="nofollow noopener" target="_blank">DragonForce ransomware</a> operation, who managed to steal personal data of a large number of current and past members, including names and contact details.</p> <p>The attack, attributed to Scattered Spider affiliates, forced Co-op to rebuild its Windows domain controllers and further extendsystem unavailability.</p> <p>On July 10th, U.K.&rsquo;s National Crime Agency <a href="https://www.bleepingcomputer.com/news/security/four-arrested-in-uk-over-mands-co-op-harrods-cyberattacks/" rel="nofollow noopener" target="_blank">arrested four young suspects</a> (ages 17&ndash;20) linked to the Co-op cyberattack, as well as those at<a href="https://www.bleepingcomputer.com/news/security/marks-and-spencer-confirms-a-cyberattack-as-customers-face-delayed-orders/" rel="nofollow noopener" target="_blank">Marks &amp; Spencer</a> and <a href="https://www.bleepingcomputer.com/news/security/harrods-the-next-uk-retailer-targeted-in-a-cyberattack/" rel="nofollow noopener" target="_blank">Harrods</a> that occurred around the same period.</p> <p>On July 16th, Co-op published new details on its internal investigation, informing that hackers stole the personal data of all <a href="https://www.bleepingcomputer.com/news/security/co-op-confirms-data-of-65-million-members-stolen-in-cyberattack/" rel="nofollow noopener" target="_blank">6.5 million members</a> during the April cyberattack.</p> <p>Although Co-op&rsquo;s response to the attack was prompt and prevented the attempted encryption, the groupsuffered a significant financial impact.</p> <div> <p><img decoding="async" alt="Financial losses caused by the cyberattack" height="213" src="https://datalake.azaeo.com/wp-content/uploads/2025/09/table.png" width="842 /&gt;&lt;/div&gt; &lt;p&gt;Information shared in the &lt;a href=">interim document describes the response in detail, explaining that certain systems that were taken offline disrupted trading and stock availability in food retail.</p> <p>Manual processes were introduced temporarily, 350,000 items were rerouted to support independent co-ops and franchise partners, and discount coupons were offered to members.</p> <p>Still, the group continued to face limited volume problems, experienced severe stock allocation issues, and a collapse in sales for some categories, such as tobacco.</p> <p>Despite the disruption and the expected ongoing effects, liquidity remained strong, with &pound;800 million being available to &ldquo;navigate external pressures while maintaining focus on long-termambitions.&rdquo;</p> <p>The CFO underlined that no funding concerns arose from the cyber-incident.</p> <p><a href="https://hubs.li/Q03B5Kw_0" rel="noopener sponsored" target="_blank"><br /> <img decoding="async" alt="Picus Blue Report 2025" src="https://datalake.azaeo.com/wp-content/uploads/2025/08/blue-report-2025.jpg"><br /> </a> </p> </div> </div></div>