Shelves have been left bare at some Co-op stores after the group fell victim to a cyber attack, leaving Scottish islanders panicking that food may run out.
The Co-op stated that the hacking incident, which occurred last week, had caused “significant disruption” and that a number of systems had had to be shut down in order to protect the organisation.
Skye resident Amanda Macauley raised her concerns over empty shelves with the retailer on 5th May. She explained that Co-op was the main supermarket on the island with two stores in Portree and one in Broadford, and asked if remote rural locations would be prioritised for deliveries.
Co-op Operations Director, Kate McCrae, told her: “Yes, absolutely we are prioritising the stores that we consider lifeline stores as we are the only food retailer in that location, we hope to have stock arriving within the next 24 hrs. So sorry for the inconvenience and I promise we are working around the clock to get this resolved.”
Yesterday, the stores had still to receive adequate stock and chillers and fresh produce sections remained empty, but McCrae stated that ambient goods and milk would be delivered today, whilst fresh produce was expected on Thursday.
Meanwhile, Edinbane-based independent, Rankins Supermarket, which is supplied by Nisa, was quick to highlight to customers that it had not been impacted by the attack and had witnessed a surge in footfall as Co-op shoppers took their business elsewhere.
In addition to causing stock issues, the cyber criminals were able to access Co-op member data, such as names, contact details (residential address, email address and phone number) and dates of birth.
Co-op CEO Shirine Khoury-Haq told customers: “This is obviously extremely distressing for our colleagues and members, and I am very sorry this happened. We recognise the importance of data protection and take our obligations to you and our regulators seriously, particularly as a member-owned organisation.
“The criminals that are perpetrating these attacks are highly sophisticated and our colleagues are working tirelessly to do three things:
(1) protect and defend our Co-op
(2) fully understand the extent of the impact caused by the attack
(3) provide much needed information to the authorities that may help them with their investigations.”
The group said it was investigating the problem in conjunction with the National Cyber Security Centre and the National Crime Agency.
A spokesperson for Co-op said: “We have implemented measures to ensure that we prevent unauthorised access to our systems whilst minimising disruption for our members, customers, colleagues and partners.
“As a result of ongoing forensic investigations, we now know that the hackers were able to access and extract data from one of our systems.
“The accessed data included information relating to a significant number of our current and past members.
“This data includes Co-op Group members’ personal data such as names and contact details, and did not include members’ passwords, bank or credit card details, transactions or information relating to any members’ or customers’ products or services with the Co-op Group.
“We appreciate that our members have placed their trust in our Co-op when providing information to us. Protecting the security of our members’ and customers’ data is a priority, and we are very sorry that this situation has arisen.”
