Co-op gives update after major cyber attack - but crisis deepens at rival Marks & Spencer

The is hoping to tackle gaps on shelves caused by the fall-out from a within days - while a crisis at rival depends. Shoppers at convenience store chain the Co-op have reported shortages of certain products after the member-owned business was targeted by a criminals, which led to what the firm called significant disruption.

Insiders say it came as a result of proactively shutting down systems temporarily, to prevent the attack spreading to other IT systems. Like , the Co-op said criminals has launched a “highly sophisticated” hack, without going into details. It did reveal that the cyber criminals were able to access a” limited amount of member data”.

The understands that ordering and other supply issues have been largely resolved. That is despite ongoing evidence of empty sections on shelves and in fridges at Co-op stores. One store in south-west London still have gaps in the confectionary aisle, in fresh produce and ready meals, and yoghurts.

However, the Co-op’s signal that it is getting back-to-normal is in stark contract to M&S, where all online clothing sales are still suspended. Independent retail analyst Richard Hyman said the ongoing pause would be costing M&S a “very significant” amount of money.

READ MORE:

M&S is refusing to say how much it has lost in sales However, the firm’s last annual report showed online generated almost £1.3billion of sales, equivalent to more than £24million a week. Given the suspension of orders for more than two weeks, it would indicate M&S has already kissed goodbye to more than £50million worth of sales, although the annual figure includes spikes at and other busier times of the year. The timing comes just as other fashion retailers were enjoying booming demand for spring ranges thanks to the fine .

M&S admitted a gang of cyber hackers had stolen a potential treasure trove of customer details. Shoppers’ names, email addresses, dates of birth, phone numbers and what they bought online are among personal information that has fallen into the hands of crooks.

M&S insisted “useable” payment or card details had not been stolen, and there was no evidence at this stage that the hackers have used any of the information. However, it urged shoppers to change their M&S account password, just in case. Yet to add to the shambles, the company was unable to say how many of its 9.4 million active online customers could be in danger.

M&S has been left reeling by what it called a “sophisticated” cyber attack, which first emerged around three weeks ago. While stores were initially affected, the biggest impact has been on M&S’s online arm, which has been paralysed since April 25, with no clothing and homewares orders being taken.

And despite calling in a team of security experts, and the police, there is no sign M&S is getting on top of the incident.

Hackers are thought to infected M&S’s IT systems with ransomware, a type of malicious software that blocks the company from accessing its own data unless it coughs up money. Reports have linked the incident to a gang calling itself Scattered Spider, which includes members as young as 16.

In a new update, M&S said: “We are writing to customers informing them that due to the sophisticated nature of the incident, some of their personal customer data has been taken. “Importantly, the data does not include useable payment or card details, which we do not hold on our systems, and it does not include any account passwords. There is no evidence that this data has been shared.” It went on: “We have said to customers that there is no need to take any action. For extra peace of mind, they will be prompted to reset their password the next time they visit or log onto their M&S account and we have shared information on how to stay safe online.”

M&S first reported the issue over the Easter weekend, with the incident initially causing problems for the retailer’s contactless payments and click and collect orders, while it has also impacted some availability in stores after it took some of its systems offline in response.

On May 2, the Information Commissioner’s Office said it was also looking into the attack, as well as a similar major incident involving the Co-op. Yet reports online say M&S’s servers were first breached in February. However, it said those behind it then deployed a hacking too known as DragonForce on April 24.

The contrast in how quickly the Co-op and M&S have got on top of the issue also raises concerns. Sources say security staff with the Co-op spotted the breach almost immediately, and raised the alarm, preventing the attack from widening out. M&S, on the other hand, faces serious questions which it has yet to answer about just when the attack took place, when it became aware, and why it still in the grip of the crisis.