Britain’s Co-op says cyberattack disruption cost it £80 million. The retail group reported revenue losses, data exposure, and a sharp first-half swing to loss as it sought to contain and recover from the April incident.
The Co-op Group confirmed the cyberattack cost it £80 million in operating profit in the 26 weeks to 5 July, equivalent to about $108 million. Revenue losses linked to the shutdown of core systems and supply chain disruption totalled around £206 million. The result left the mutual with an underlying pre-tax loss of £75 million, reversing a £3 million profit in the same period last year.
“The cyber incident in April caused significant disruption to our operations and to our ability to serve customers and members,” the Co-op said in a statement accompanying its half-year report. “Our teams acted quickly to contain the attack, restore services, and protect data. We regret the impact it has had on members, colleagues, and partners.”
The breach forced Co-op to temporarily disable parts of its IT infrastructure, disrupting stores and distribution. While names, addresses, and contact information were accessed, the company said no financial or password data was compromised.
The incident is believed to be linked to the same group that targeted Marks & Spencer earlier in the year. The UK’s Cyber Monitoring Centre has classified the two events as a combined cyberattack, with total costs to the retail sector estimated between £270 million and £440 million. Suspected attackers are members of “Scattered Spider,” a group known for phishing and social engineering techniques.
The National Crime Agency has confirmed arrests connected to the wider wave of UK retail cyberattacks affecting Co-op, M&S, and Harrods. Investigations are ongoing.
Beyond its core food retail business, Co-op operates funeral care, insurance, and legal services. The organisation said it is investing heavily in cybersecurity measures and expects the financial impact of the breach to be “materially smaller” in the second half of the year.
Analysts have pointed to rising risks across the retail sector, with supply chains and customer databases increasingly targeted. The incident adds pressure on companies to strengthen cyber resilience as regulators monitor potential exposure of customer data.
