# DragonForce Group Claims Theft of Data After Co-op Cyberattack

A group of hackers known as DragonForce has come forward to claim that they stole sensitive data from the British retail cooperative, Co-op, following a recent cyberattack. The attackers, who have been identified as a ransomware group, shared screenshots with BBC evidence of their first extortion message to Co-op's cyber chief via Microsoft Teams on April 25th.

According to DragonForce, they accessed customer and employee data belonging to current and past members of the Co-op membership scheme, including private information such as names, home addresses, emails, and phone numbers. The group claimed that they stole data from approximately 20 million people who signed up for the membership scheme, although the company has not confirmed this number.

The DragonForce group also announced that they had attempted to hack M&S and Harrods, gaining access to the companies' internal Teams channels, leaked staff credentials, and 10,000 customer records containing Co-op membership card numbers. The attackers made it clear that their intentions were malicious, as they threatened to publish sensitive information unless a ransom was paid.

However, after verifying the authenticity of the data with BBC, DragonForce claimed that they had destroyed the evidence, which included members' personal data such as names and contact details, but did not include passwords, bank or credit card details, transactions, or information relating to any members' or customers' products or services with the Co-op Group.

The DragonForce group is known for its use of ransomware attacks, where they scramble victims' data and demand a ransom in exchange for restoring access. The group operates a cybercrime affiliate service, allowing affiliates to use their tools to launch attacks and extort victims. DragonForce manages both Telegram and Discord channels, with cybersecurity experts suggesting that it may be composed of English-speaking teenagers.

The Co-op's admission of the data breach comes as a surprise, given the initial statement from the company that there was "no evidence" that customer data was compromised. This incident highlights the importance of robust cybersecurity measures in protecting sensitive information and serves as a reminder to businesses and individuals alike to remain vigilant against cyber threats.

**Update:** Since the initial publication of this article, additional information has come to light regarding the extent of the Co-op's data breach. It is now confirmed that the group accessed customer records containing Co-op membership card numbers, names, home addresses, emails, and phone numbers. The company has assured customers that they have taken steps to rectify the situation and prevent similar incidents in the future.

**Follow me on Twitter: @securityaffairs**

This article was originally published by BBC News.