Co-op Records £206m Revenue Loss Following Cyber-Attack
The Co-op, a UK retailer, has revealed that it suffered an estimated loss of approximately £206m ($277m) in revenue due to a "malicious" cyber-attack earlier this year. The financial fallout from the April incident was disclosed in the company's H1 2025 financial report.
A Direct Result of Containment Measures
The lost revenue was a direct consequence of the Co-op temporarily shutting down a number of systems to contain the threat. This measure, while crucial in preventing further damage, resulted in significant losses for the retailer. The company's overall losses for the six-month period ending July 5, 2025, totalled £80m ($107m) as a result of the cyber-incident.
Ongoing Impact on Sales
The impact of the attack on sales is expected to continue in H2 2025. The retailer's efforts to mitigate the damage and restore its systems have been ongoing, with some challenges still being addressed.
A Cost-Benefit Analysis
While no details have been provided on remediation costs, a non-underlying one-off cost of £20m ($27m) was registered in the company's financial report. It is unclear whether this cost is related to the cyber-incident, but it highlights the significant expenses incurred by the Co-op as a result of the attack.
A Resilient Response
Despite the challenges posed by the cyber-attack, Co-op chief executive Shirine Khoury-Haq praised the retailer's resiliency in keeping essential services running during the incident. This included maintaining funeral services and prioritizing food stocks to rural "lifeline" stores.
A Focus on Improvement
Khoury-Haq noted that the incident highlighted areas the company needed to focus on, particularly in the food business. She stated: "We've already started on this journey, refining our member and customer proposition, making structural changes to our business, and setting our Co-op up for long-term success."
A New Partnership
Following the cyber-attack, Co-op launched a partnership with The Hacking Games to tackle youth disenfranchisement. This initiative was seen as an effort to address the root cause of many cyber threats, according to Khoury-Haq.
The Scattered Spider Group Involved
The cyber-attack on the Co-op has been linked to the Scattered Spider group, a collective of English-speaking hackers affiliated with The Com online criminal outfit. This incident occurred at a similar time to attacks on other high-profile UK retail brands Marks & Spencer (M&S) and Harrods.
A Shared Response
UK law enforcement arrested four individuals, three of whom were teenagers, on suspicion of offenses relating to the three attacks in July. M&S has also reported substantial financial losses from its cyber-attack, estimating total losses of £300m ($403M).
Expert Insights
Experts have urged organizations to update their defenses to counter Scattered Spider tactics. The incident highlights the need for robust cybersecurity measures and a proactive approach to addressing potential threats.
A Parliamentary Committee Hearing
Executives from M&S and the Co-op, including Khoury-Haq, gave evidence to a Parliamentary committee about the incidents. M&S chairman Archie Norman confirmed that the attack on the retailer's systems was ransomware-related, but declined to say whether a payment was made to the threat actors.
Protecting Member Information
Dominic Kendal-Ward, group secretary and general counsel at the Co-op, told the committee that the attackers were able to access member information during the time they were in the system. However, this was limited to names, addresses, and dates of birth.
A Call for Action
The cyber-attacks on the Co-op and M&S serve as a reminder of the importance of cybersecurity in today's digital age. As experts urge organizations to update their defenses, it is clear that the fight against cyber threats requires a proactive and collaborative approach.