Get featured

Co-op cyberattack drives £80m first-half loss

Co-op cyberattack drives £80m first-half loss

Britain’s Co-op says cyberattack disruption cost it £80 million. The April incident led to £206 million in revenue losses, exposure of member data, and a sharp first-half swing to pre-tax loss as the company worked to contain the damage.

Britain’s Co-op says cyberattack disruption cost it £80 million. The retail group reported revenue losses, data exposure, and a sharp first-half swing to loss as it sought to contain and recover from the April incident.

The Co-op Group confirmed the cyberattack cost it £80 million in operating profit in the 26 weeks to 5 July, equivalent to about $108 million. Revenue losses linked to the shutdown of core systems and supply chain disruption totalled around £206 million. The result left the mutual with an underlying pre-tax loss of £75 million, reversing a £3 million profit in the same period last year.

“The cyber incident in April caused significant disruption to our operations and to our ability to serve customers and members,” the Co-op said in a statement accompanying its half-year report. “Our teams acted quickly to contain the attack, restore services, and protect data. We regret the impact it has had on members, colleagues, and partners.”

The breach forced Co-op to temporarily disable parts of its IT infrastructure, disrupting stores and distribution. While names, addresses, and contact information were accessed, the company said no financial or password data was compromised.

The incident is believed to be linked to the same group that targeted Marks & Spencer earlier in the year. The UK’s Cyber Monitoring Centre has classified the two events as a combined cyberattack, with total costs to the retail sector estimated between £270 million and £440 million. Suspected attackers are members of “Scattered Spider,” a group known for phishing and social engineering techniques.

The National Crime Agency has confirmed arrests connected to the wider wave of UK retail cyberattacks affecting Co-op, M&S, and Harrods. Investigations are ongoing.

Beyond its core food retail business, Co-op operates funeral care, insurance, and legal services. The organisation said it is investing heavily in cybersecurity measures and expects the financial impact of the breach to be “materially smaller” in the second half of the year.

Analysts have pointed to rising risks across the retail sector, with supply chains and customer databases increasingly targeted. The incident adds pressure on companies to strengthen cyber resilience as regulators monitor potential exposure of customer data.

BQ

Stories for you —

  • Cargostore CEO marks five years with expansion plans

    Cargostore CEO marks five years with expansion plans

    Cargostore CEO Andrew Hart marks five years leading global expansion. The container leasing specialist has doubled profits during his tenure and completed two acquisitions, while positioning assets across its international depot network to support further growth in offshore energy, logistics, and temperature-controlled container markets.

  • Supporting neurodivergent employees in the workplace

    Supporting neurodivergent employees in the workplace

    Neurodiversity presents both opportunity and responsibility for modern workplaces. Dan Kentley, Head of Assessment and Specialist Clinical Services at Onebright, explains why organisations that recognise neurodivergent strengths — and make practical workplace adjustments — can unlock productivity, innovation, and stronger employee retention.

  • Tariffs drive sharp fall in UK exports to US

    Tariffs drive sharp fall in UK exports to US

    US tariffs trigger sharp drop in British exports to America. New trade barriers cut the value of UK goods shipped to the US by more than 10% in 2025, with clothing, footwear, artworks, and cars among the sectors recording the steepest declines.