The Co-operative Group recently disclosed that a cyber incident, initially thought to be contained, involved unauthorized access to member records. Hackers exfiltrated personal details—names, email addresses, phone numbers and postal addresses—of both current and former members. No financial, password or sensitive authentication data was compromised, but the theft of contact information raises concerns over potential phishing campaigns and identity fraud. The Co-op is now notifying affected individuals, offering guidance on monitoring communications and implementing enhanced security measures. The incident underscores the persistent threat of data breaches in retail environments, highlighting the importance of robust access controls, timely detection mechanisms and comprehensive incident response plans. Although the stolen data may seem low risk compared to financial credentials, the volume of information taken could still facilitate social engineering attacks and undermine member trust. Regulators are also assessing the adequacy of the Co-op’s security safeguards, with potential implications for compliance and reputational impact. Moving forward, the group is accelerating security audits, strengthening encryption protocols and reviewing third-party access to reduce the likelihood of future breaches.
Source: https://www.scworld.com/brief/toll-of-kelly-benefits-breach-exceeds-400k
TPRM report: https://scoringcyber.rankiteo.com/company/coop-group
"id": "coo849050725",
"linkid": "coop-group",
"type": "Breach",
"date": "5/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Current and former members',
'industry': 'Retail',
'name': 'The Co-operative Group',
'type': 'Retail'}],
'attack_vector': 'Unauthorized Access',
'data_breach': {'data_exfiltration': 'Yes',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'Medium',
'type_of_data_compromised': ['Names',
'Email Addresses',
'Phone Numbers',
'Postal Addresses']},
'description': 'The Co-operative Group disclosed unauthorized access to '
'member records, exfiltrating personal details of current and '
'former members. No financial or sensitive authentication data '
'was compromised, but the theft of contact information raises '
'concerns over potential phishing campaigns and identity '
'fraud.',
'impact': {'brand_reputation_impact': 'Potential undermining of member trust',
'data_compromised': ['Names',
'Email Addresses',
'Phone Numbers',
'Postal Addresses'],
'identity_theft_risk': 'High',
'payment_information_risk': 'Low'},
'lessons_learned': 'Importance of robust access controls, timely detection '
'mechanisms and comprehensive incident response plans',
'recommendations': 'Accelerating security audits, strengthening encryption '
'protocols and reviewing third-party access',
'regulatory_compliance': {'regulatory_notifications': 'Regulators assessing '
'the adequacy of '
'security safeguards'},
'response': {'communication_strategy': 'Notifying affected individuals, '
'offering guidance on monitoring '
'communications',
'enhanced_monitoring': 'Implementing enhanced security measures'},
'threat_actor': 'Hackers',
'title': 'Co-operative Group Data Breach',
'type': 'Data Breach'}