Co-op Food Hit by Cyber-Attack, Hackers Claim Massive Data Theft

Coin WorldSunday, May 11, 2025 7:56 pm ET
2min read

A large grocery chain in the UK, Co-op Food, has been the target of a significant cyber-attack, with hackers claiming to have stolen vast amounts of customer and employee data. The company, which employs approximately 70,000 people, initially disclosed that a limited amount of member data had been accessed. However, hackers operating under the name "DragonForce" have since reached out to the media, providing evidence that they have breached the company’s IT networks and exfiltrated a substantial amount of sensitive information.

The hackers reportedly showed screenshots from a

Teams chat where they communicated with Co-op’s head of cyber security, stating that they had stolen customer databases and Co-op member card data. This contradicts the company's initial statement that only a limited amount of data was compromised. The breach has forced Co-op to limit grocery deliveries to essential items only, as its electronic data interchange (EDI) system was damaged by the exploit.

The severity of the attack has raised concerns about the potential impact on millions of individuals whose personal information may have been compromised. The hackers' tactic of leaking portions of the stolen data to the media is a common strategy used to pressure companies into paying ransoms. The stolen data includes personal information such as names, addresses, phone numbers, and financial details, which could be used for identity theft or other fraudulent activities.

The UK government has responded to the incident by emphasizing the importance of cybersecurity. Pat McFadden, the UK’s Chancellor of the Duchy of

, stated that companies must treat cybersecurity as an absolute priority. He highlighted the relentless nature of cybercriminals and the need for businesses to protect their digital assets with the same vigilance as they would their physical properties. This incident serves as a wake-up call for businesses to prioritize cybersecurity measures to prevent similar attacks in the future.

The grocery chain's experience underscores the growing threat posed by cybercriminals to businesses of all sizes. As companies increasingly rely on digital systems to store and manage sensitive data, they become more vulnerable to attacks. The incident highlights the need for robust cybersecurity practices and quick response mechanisms to mitigate the damage caused by such breaches. The potential legal and financial repercussions for the company are significant, as customers and employees whose data has been compromised may seek compensation, and the company could face regulatory fines for failing to adequately protect sensitive information.

In response to this growing threat, many organizations are investing in advanced cybersecurity measures to protect their data and prevent future breaches. However, the effectiveness of these measures remains to be seen, as hackers continue to develop new and more sophisticated techniques for infiltrating corporate networks. The grocery chain's experience serves as a stark reminder of the importance of robust cybersecurity practices in today's digital age. Companies must remain vigilant in their efforts to protect sensitive data and respond quickly to any signs of a potential breach. Failure to do so can result in severe consequences, not only for the company itself but also for the individuals whose personal information has been compromised.