The cooperative apologized after the computer pirates accessed and extracted the personal data of the members, such as names and contact data.
The retail firm said Friday that it is experiencing “sustained malicious attempts” to access its systems, since it has already closed parts of its IT systems earlier this week.
It occurs after other Harrods and Marks & Spencer retailers were also beaten with cyber attacks, and the latter continued to deal with the consequences of a ransomware attack that has left the business unable to process online orders since last Friday.
The National Crime Agency (NCA) said that it is investigating the attacks individually, but that they are “aware that they can be linked.”
A Cooperative spokesman said: “As a result of the ongoing forensic investigations, we now know that computer pirates could access and extract data from one of our systems.
“The data that is accessed included information related to a significant number of our current and past members.
“These data include personal data of the members of the cooperative group, such as names and contact data, and did not include the passwords of the members, the details of the bank or the credit card, the transactions or the information related to the products or services of the clients or of the customers or of the customers with the cooperative group.
“We have implemented measures to ensure of avoiding unauthorized access to our systems while we minimize the interruption for our members, clients, colleagues and partners.
“We appreciate that our members have trusted our cooperative by providing information. Protecting the safety of the data of our members and clients is a priority, and we regret a lot that this situation has emerged.”
The business said that its Back Office and the calls of call centers have been affected, but that the more than 2,000 stores of groceries of cooperation and 800 funerals throughout the United Kingdom are operated as usual.
A spokesman for the National Crime Agency said: “We are aware of the recent cyber incidents that affect the retail sector and we are working closely with our partners of application of the law to investigate.
“We are considering the incidents individually, however, we are aware that they can be linked and, therefore, this will remain under review.”
The National Cyber Security Center said that attacks should be a “attention call” for companies.
The CEO, Dr. Richard Horne, said: “The interruption caused by recent incidents that affect the retail sector are naturally a reason for concern for those affected businesses, their clients and the public.
“The NCSC continues to work closely with organizations that have informed us incidents to completely understand the nature of these attacks and provide expert advice to the sector in general based on the threat image.
“These incidents must act as a call for attention to all organizations. I urge leaders to follow the advice on the NCSC website to ensure that they have appropriate measures to help prevent attacks and respond and recover effectively.”
