Co-op operates more than 2,000 stores and other legal and financial businesses. Credit: Richard M Lee/Shutterstock.

Co-op has initiated a partial shutdown of its IT infrastructure in response to a detected cyber-attack attempt, in late April 2025, just days after a major hack at retailer Marks & Spencer (M&S).

In a letter sent to employees, to which The Guardian had access, the organisation stated it had taken measures to secure its systems and consequently restricted access to certain systems temporarily.

Go deeper with GlobalData

Data Insights

The gold standard of business intelligence.

Find out more

Co-op operates a network of 2,000 grocery stores, funeral parlours and ventures in legal and financial services.

The company has halted some business services for store management teams and the legal services division. It is understood that its stock monitoring system is among the affected services.

An informed source suggested that if the issue is not resolved promptly, there could be noticeable gaps on shelves in some regions.

The Guardian reported that from 30 April 2025, some staff members would be unable to work remotely due to blocked access to systems.

GlobalData Strategic Intelligence

US Tariffs are shifting - will you react or anticipate?

Don’t let policy changes catch you off guard. Stay proactive with real-time data and expert analysis.

By GlobalData

Despite these challenges, the Co-op has confirmed that all stores, including rapid delivery services and funeral homes, are operating normally.

The chain has given reassurances that there was no immediate action required from members or customers, suggesting confidence that customer data remained uncompromised. Updates will be provided as deemed necessary.

A Co-op spokesperson was quoted by the publication: “We have recently experienced attempts to gain unauthorised access to some of our systems. As a result, we have taken proactive steps to keep our systems safe, which has resulted in a small impact to some of our back office and call centre services. We are working hard to reduce any disruption to our services and would like to thank our colleagues, members, partners and suppliers for their understanding during this period.”

Fellow retailer M&S temporarily suspended all online orders following a cyber-attack which began on Tuesday, 22 April 2025. The retailer instructed agency staff at its central England distribution centre not to report for duty on 28 April after halting online orders due to the cyber event.

The National Cyber Security Centre has acknowledged its collaboration with Co-op in managing the cyber incident and is also assisting M&S to understand both occurrences fully.

The possibility of connections between the two incidents is also under scrutiny.