Chaos at the Co-op as cyber-attack leaves shop chain struggling to send supplies to remote stores
Food and drink supplies are being urgently diverted to some of Scotland's most remote supermarkets as a massive cyber attack causes chaos at the Co-op.
Shoppers are finding it increasingly difficult to get goods at their only local food store as the retailer struggles to send out supplies.
Row upon row of shelving where fresh fruit and vegetables should be are bare after the Co-op was forced to switch off crucial computer systems.
It's left the business struggling to manage deliveries from suppliers while other essential items like milk have been running low in some stores.
And it's hit shoppers in rural areas hardest where often the the Co-op is the only shop for miles.
It is the main retailer on Skye and images from its supermarket in Portree reveal rows and rows of empty shelves.
Branches in the Western Isles have also been hit with issues as have outlets in Glasgow, Aberdeen and Angus.
In place of produce is a note which informs customers: 'Sorry, we're having some availability issues which will be resolved shortly.'
The cyber attack comes as Marks and Spencer continue to deal with an unprecedented attack on its computer infrastructure.
The Co-op has been battling hackers since last week and has admitted that personal data had been stolen from customers.
The cyber attack forced it to switch off critical systems in a bid to protect its systems from further damage.
DragonForce, the shadowy group who have also claimed responsibility for the hacks on both Marks and Spencer, have claimed to the BBC that they have the private information of 20 million Co-op customers.
The anonymous group claim they sent a message to the Co-op's head of cybersecurity on an internal messaging app, which told them: 'Hello, we exfiltrated the data from your company.
'We have customer database and Co-op member card data.'
The hackers have claimed they messaged other members of the executive committee too as part of their scheme to blackmail the firm.
Some Co-op stores had been forced to limit payments to cash only earlier this week, though issues with card payments have now been fixed.
Government cyber security experts have been drafted in by the Co-op to help as it battles the cyberattack, and staff have been instructed to keep their cameras on in virtual meetings.
It comes as experts fear the hackers could be using internal communications systems to pose as staff.
Yesterday a Co-op spokesman apologised to customers impacted by issues, and said: 'All out stores are open and trading however, due to the sustained malicious attempts by hackers to access our systems, we have taken proactive steps to keep our systems safe, which is temporarily impacting our colleagues' ability to perform their roles and how many deliveries we can make to our stores.
'This means that some of our stores might not have all their usual products available and we would like to say sorry to our members and customers if this is the case in their local store.
'We are working around the clock to reduce disruption and resume deliveries.'
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
The Sun
2 hours ago
- The Sun
Family of tragic Scots dad savagely murdered by ‘cold-blooded' best pal say he should never be freed
THE family of a murdered dad have told of their horror at him being killed by a childhood pal who considered himself a 'cousin'. Relatives of Chris McMahon, 31, found it 'unbelievable' that Stephen Kelly stabbed him in the neck and chest with an 18-inch hunting knife. 5 5 5 He also hit Chris on the head with a bottle, stamped on him and poured bleach into his mouth during a 'sustained' 20-minute attack. Chris's devastated mum, Margaret, 69, said: 'Never in a million years did I think Stephen would have done this to Chris. 'He would come to our house all the time. He was always here having his dinner as a wee boy.' Kelly claimed he killed Chris in the dad-of-two's home in Carluke, Lanarkshire, because he was being 'bullied' by him. But the dead man's older brother John, 37, said: 'He's a coward. He's hit Chris with a bottle to knock him out, then sat on top of him and stabbed him, then poured the bleach. 'That's not someone who has snapped because they were bullied. He's a cold-blooded killer.' Sister Kirsty, 41, said: 'There's two little kids here who will never see their daddy again.' Mum Margaret told how Kelly's mother knocked on her door after the brute called her, topless and covered in blood, to tell her what he had done. She said: 'She told me, 'You better call for help'. 'After I found out I couldn't believe she hadn't told me what happened. But then, maybe she couldn't say it.' Stabbing rampage leaves 11 people injured as witnesses describe horror of 'screams & blood everywhere' in Salem Kelly, of Carluke, was caged for 22 years at the High Court in Kilmarnock on May 28. Following the sentence Chris' parents Margaret, 69, and John 76, along with siblings Kirsty, 41 and John, 37, said they were relieved Kelly had been given life. Kirsty added: "It's been an agonising 19 months for our family, and justice has finally been served. But no sentence would ever be long enough because Chris is never coming back." 5 5
The Independent
3 hours ago
- The Independent
DragonForce and Scattered Spider: Inside the hacker groups linked to M&S cyberattack
Marks & Spencer has finally reopened its online orders, months after a cyber attack which is set to cost the British high street retailer £300 million in profits this year. This comes as a new hacking group has been connected with the incident, after it was revealed the DragonForce group sent M&S CEO Stuart Machin an email days after it faced a major cyberattack gloating about the hack and demanding ransom payment. The email, seen and reported by the BBC, said: 'We have marched the ways from China all the way to the UK and have mercilessly raped your company and encrypted all the servers.' DragonForce aren't the only group that have been connected with the attack on the retailer, as the Scattered Spider network had previously been named as the enactors of the social engineering attack. According to Sergey Shyekevich, a researcher from cybersecurity company Checkpoint, more hacker groups are forming alliances on the dark web. 'Co-operation between two powerful groups is very interesting,' he says. 'It's one outcome we see on the dark web more and more, alliances between big groups.' Here's all we know about the two hacker groups What is DragonForce? DragonForce is a hacker organisation that offers Ransomware to cyber-criminal affiliates for a 20 per cent cut of any ransoms collected. This means that for a fee, they lease out their malware through dark web marketplaces to cyber-criminals. While the organisation originally started working in 2023, they've had a massive re-marketing of their business model in the past couple of months. 'In the last two months, they started to become very active in one of the biggest dark web forums,' says Sergey, who says they have marketed themselves as a 'Ransomware Cartel', cornering that market on the dark web in the past month. 'They started being more aggressive I think a few weeks before all the attacks in the UK,' he adds. Researchers have claimed they operate out of Malaysia, with some disputing this and saying they are located in Russia. As well as the M&S hack, DragonForce has been linked to the Co-op cyberattack. What is Scattered Spider? Scattered Spider is a community of hackers that targets huge organisations across different sectors using social engineering tactics. 'They're very good at social engineering of different types,' Sergey says, adding that in the past they have used SIM swapping and impersonated IT staff to trick people into letting them use their systems. Believed to be a community of young adults across the US and UK, the group gained notoriety for their involvement in hacking and extorting two of the largest casino and gambling companies in the United States. 'They understand human nature and how big corporations work,' says Sergey. 'They're very successful.' In 2023 they were linked to the hacking and extortion of Caesars Entertainment and MGM Resorts International, which led the former to pay a ransom of approximately £11 million ($15 million). They were able to access a significant number of driver's licence numbers and possibly even Social Security numbers of the casino customers through the ransomware demand. A 17-year-old hacker from the United Kingdom was arrested in connection with the hack and attempted ransom in July 2024. How did the cyberattack happen? M&S first disclosed they had experienced a cyberattack on 22 April, which had disrupted their online operations and even halted contactless payments. Hundreds of agency workers at the company were told not to come into work as the retailer dealt with the fallout of the cyberattack. Customer personal data – which could have included names, email addresses, postal addresses and dates of birth – was also taken by hackers in the attack. M&S revealed last month that the attack was caused by 'human error', as Mr Machin said in an annual figures report in May that the hackers gained access to the company's IT systems through a third party. He said at the time: 'We didn't leave the door open, this wasn't anything to do with under-investment. Everyone is vulnerable. For us, we were unlucky on this particular day through some human error.' Responding to attacks on the retail sector, the NCSC put out advice to the industry and responded to speculation that the Scattered Spider group had used social engineering to target IT help desks and perform password and MFA (multi-factor authentication) resets. 'Criminal activity online – including, but not limited to, ransomware and data extortion – is rampant,' their blog post wrote. 'Attacks like this are becoming more and more common. And all organisations, of all sizes, need to be prepared.' Deputy Director Paul Foster, head of the NCA's National Cyber Crime Unit, said: 'Specialist NCA cybercrime officers are working closely with law enforcement partners to investigate the recent cyber incidents affecting the retail sector. Identifying the criminals responsible and bringing them to justice is a top priority. 'We are considering the incidents individually, but have a range of hypotheses and are mindful they may be linked. 'The impact of these incidents has been significant and businesses will understandably be concerned. I'd encourage all organisations to follow advice on the NCSC's website to ensure they have effective cyber security measures in place to help prevent attacks. 'I'd also urge those that do unfortunately fall victim to an attack to engage with law enforcement as part of the reporting process. The NCA and policing will investigate covertly and discreetly, as well as support the recovery of systems and data.' How much money has M&S lost? The fallout from the cyberattack saw the company lose £650 million of value in a matter of days. M&S said it expected to take an estimated £300 million hit to profits this year, as they predicted disruption to its online business to last into July. What has M&S said in response? As M&S reopened its online operations, they put out a statement which said: 'You can now place online orders with standard delivery to England, Scotland and Wales. Delivery to Northern Ireland will resume in the coming weeks. 'We will resume click and collect, next-day delivery, nominated-day delivery and international ordering in the coming weeks.'
BBC News
3 hours ago
- BBC News
Spending Review: Shaping Scotland's priorities for years to come
Increased spending for Scotland on defence, computing and the development of carbon-capture technology have been promised in the chancellor's Spending Reeves has found £250m for the Royal Navy's nuclear submarine base on the Clyde, £750m to bring the most powerful supercomputer in the UK to Edinburgh, and funding for the Acorn Project in St Fergus. Acorn would take greenhouse gas emissions and store them under the North Sea, in a process known as carbon capture and storage (CCS).The news comes as Reeves announces the budgets for all UK government departments over the next few years. Getting the review right is a tricky balancing can see ways that public funds could be used more efficiently or even cut. Everyone has their top priority for spending what happens if there's a root and branch review, with every spending line scrutinised, new priorities set and given more funds and others squeezed or cut?We should find out later. But it may not be as radical a review as sometimes presented as too much is already committed by contract or by government manifesto to make really radical changes. What spending is being reviewed? The clue is in the name. This is not about taxation, and it's not about balancing the books. That's for the Budget, and one of them is expected in autumn, to cover review takes the spending totals already set by the Office for Budget Responsibility (OBR), and chooses how to allocate the day-to-day spending (also known as current or revenue spending) for the next three financial also plans capital spending for four years on projects with a lifespan beyond the year, such as includes the spending in Scotland by Whitehall departments, such as work and pensions and defence. It does not include funds spent by Holyrood. How tight will it be for day-to-day spending? We already know, at least roughly, the total numbers the chancellor has to allocate. The increase in day-to-day spending is an average 1.2% per year over the three years to funds have been front-loaded by the Labour government. In other words, most of the extra spending it gets from big tax increases on business and the wealthy are being used to lift spending in its first two years. Then it gets every department were to retain the same share (which would suggest the review effort has been wasted), it would get the average we already know the defence budget is getting a significant lift, to confront growing challenges and new types of warfare. We also know the NHS requires more than a standstill budget to meet rising demands on it. And the Westminster government has committed to increasing the amount of childcare it provides. That implies an estimated cut of 1.3% in real terms for other items of government and justice have taken the brunt of such cuts in the five spending reviews since they started 27 years ago, though not in the one-year spending review carried out last big question about such cuts is whether they mean a reduced level of provision, or a challenge to get at least the current level of public service out of less sector productivity has gone backwards since the pandemic. There's a need and a big challenge to reverse that and it may need some spending to help the process happen, with perhaps more use of technology to replace civil servants. What's available for the longer term? Capital spending looks in an easier position, not least because Rachel Reeves' spending constraints allow her to borrow for that. She aims to match day-to-day spending with tax revenue, so it should not be funded by recent days, we have seen announcements to fund capital projects for defence, transport in the north of England and a large nuclear power station in capture and storage projects, to trap greenhouse gases, include the Acorn Project in a promise to spend "an initial £250m" over three years on the Clyde submarine base, "supporting jobs, skills and growth across the west of Scotland".A lot of the allocations are being attached to the government's top priority of economic growth, with an emphasis on spreading funds around the UK. Some of this spending precedes the announcement of an industrial strategy, in which the UK government intends to give added backing to industries of strategic importance such as steel, or those with the most growth potential, so there's lots about science and why Spending Review day starts with a further preview of the review: Edinburgh University is to get £750m allocated to a new super-computer, which is billed as the most powerful in the UK, and among the most powerful in the world. It will be available for research into numerous projects such as personalised medicine, sustainable air travel or climate reinstates a project that was cancelled last summer by Rachel Reeves, because it had not been funded by the outgoing Conservative government. What decisions will directly affect Scotland? Much of the state pensions and welfare budget is distributed throughout the UK by the department for work and pensions. But that share has been falling as Holyrood takes on devolved to universal credit would be felt in Scotland. That includes changes to the two-child limit on state pension's triple lock of at least the rate of average pay increase, of price inflation or 2.5%, is being retained and that also covers there are cuts in civil service numbers, that could apply to those who work in Scotland for the Foreign, Commonwealth and Development Office, for HM Revenue and Customs and for the Department of Work and there is also a plan to push many more civil service jobs out of London, so there could be gains for Scotland from relocations. How will this affect Holyrood's budget? Many of the changes in day-to-day spending, or capital spending on transport for instance, directly affect other parts of the UK, and in some cases only formula for spending should then apply a share of that change to the block grant passed from the Treasury to Holyrood – whether an increased share or a proportionate the health service gets a boost, above the rate of increase in other departments, that will be a positive for Holyrood as well. But if justice takes a hit, a proportionate share of that will be passed on to Scottish will then be free to allocate the block grant as they wish, so they can pass on the health spending at the same rate as England, or apply that money to another recent years, more and more spending has gone into the new Holyrood welfare budget, so that £1.5bn is being spent each year on making welfare more generous than in the rest of the of that has been to mitigate decisions taken on welfare by the Westminster government. And there could be relatively good news for Holyrood from two decisions in the spending review which have already been the cut in pension-age Winter Fuel Allowance brings a share to Holyrood of the necessary funds to make that happen – somewhere around £125m. That eases the pressure on Shona Robison, Holyrood's finance secretary, as she decides how to use the resources she gets. And if Rachel Reeves follows through on the commitment to increase the level of state childcare support, that will also ease Holyrood's budget challenge, as it has already found funds to increase childcare. A share of that new-found money for England will be added to Holyrood's block grant, but need not be spent that Robison has put off decisions about her medium-term plans until she sees Rachel Reeves' spending review and the impact it has on Holyrood's day-to-day and capital Scottish finance secretary is due to update MSPs by the end of June on how she uses it, including a priority list of capital include high-profile road upgrades in the Highlands and Aberdeenshire, and the stalled programme for building NHS National Treatment faces competing demands to improve the buildings and IT in public services and, on the other hand, improving economic infrastructure such as roads and rail, with a more direct impact on economic also has the challenge of either cutting some public services or reforming them in such a way that they can be provided more spending review may be of major significance for public services for years to it may be replaced by annual budgets, as we've seen in the past, making different decisions depending on funds available and political announcement in the Commons later is only the start of the process of putting those funds to work.
