THE Co-op said it has shut off parts of its IT systems after an attempted hack.
It said some of its back office and call centre services have been impacted but that all stores, including grocery and funeral homes, are trading as usual.
It comes as rival Marks & Spencer continues to deal with the lengthy fallout of a major cyber incident.
M&S has been unable to process online orders since last Friday, after click and collect orders and contactless payments were first affected by the cyber attack. The Metropolitan Police have since confirmed they are investigating.
It is not known whether the hacks of the two retailers are related.
A Co-op spokesman said: “We have recently experienced attempts to gain unauthorised access to some of our systems.
“As a result, we have taken proactive steps to keep our systems safe, which has resulted in a small impact to some of our back office and call centre services.
“We are not asking our members or customers to do anything differently at this point. We will continue to provide updates as necessary.”
Payment processor DECTA's CEO, Scott Dawson, said the attempted hack exposed "alarming vulnerabilities" for retailers who can no longer "treat resilience as optional as this becomes more of a trend".
"This incident, coming on the heels of major breaches at Marks & Spencer and other high-profile targets, highlights how brittle legacy architectures and siloed security practices are, and no match for sophisticated threat actors," he said, adding: "Until businesses adopt uniform metrics and invest in fail-safe recovery plans, every transaction—and every customer relationship—remains at risk. When a single intrusion forces entire back-office operations offline, every step from inventory management to customer service teeters on collapse.
“Much like the repeated failures of banking apps, this illustrates a fundamental weakness in the resilience of the systems we rely on most. It's no longer enough to simply talk about resilience; it's a crucial element of modern business, especially when dealing with finances. The lack of standardised ways to measure resilience has contributed to it being dismissed as mere rhetoric by some business leaders.”
"It’s time to move beyond rhetoric: businesses must move from reactive patchwork to proactive resilience engineering architected into every layer of IT strategy, or retailers will continue to pay the price. Only then can retailers protect revenue streams, reputations and the trust of the millions who rely on them.”
