Co-op CEO confirms data breach exposed sensitive information of 6.5 million members

The chief executive of Co-op told the media that the data security incident in May compromised the sensitive personal information of all 6.5 million of its members.

 

Earlier this year, Co-op suffered a significant cyber attack that affected the retailer’s daily operations. Co-op reported that its systems were offline for two weeks affecting payments, restocking & funerary services, leading to empty shelves.

 

The retailer proactively took portions of its network offline after detecting the intrusion, which helped mitigate more serious consequences.

 

Subsequent forensic investigations revealed that hackers accessed and extracted data from Co-op’s internal systems. The compromised data included personal information of current and past Co-op Group members, such as names and contact details. 

 

Importantly, the breach did not include members’ passwords, bank or credit card details, transactions, or information related to products or services.

 

Recently, the BBC reported that Shirine Khoury-Haq, CEO of Co-op has confirmed that the cyber attack affected all 6.5 million of its members. 

 

“I’m devastated that information was taken. I’m also devastated by the impact that it took on our colleagues as well as they tried to contain all of this.

 

“There was no financial data, no transaction data but it was names and addresses and contact information that was lost,” CEO Khoury-Haq told the BBC.

 

She added that the company’s IT team worked relentlessly and removed the threat actors from the network, however, “because we did block them, they could not erase what they did.

 

“So we could monitor every mouse click, we saw every piece of code that they had written, we knew everywhere they went in our systems, and we were able to relay that back to the authorities.

 

“We know a lot of that information is out there anyway, but people will be worried and all members should be concerned. It hurt my members, they took their data and it hurt our customers and that I do take personally,” CEO Khoury-Haq added.

 

Meanwhile, the four individuals arrested for their alleged involvement in attacking major retailers, including Co-op, have been released on bail.

 

“All four individuals have been bailed pending further inquiries,” a spokesperson for the National Crime Agency (NCA) said.