The Co-operative Group (Co-op) suffered a **malicious cyber attack in April 2025**, resulting in a **£80m ($107m) hit to its H1 2025 operating profits**, including **£20m in one-off costs**. The attack caused **payment disruptions across retail systems**, leading to **£206m in lost sales revenue** and **widespread product shortages**. Critical operations, including **funeral homes**, reverted to **paper-based processes**, while stores faced **empty shelves**. The breach compromised **personal data of all 6.5 million member customers**, exacerbating financial and reputational damage. The incident contributed to a **£75m pre-tax loss** (vs. a £3m profit in H1 2024), with full-year profit impact projected at **£120m**. Limited insurance recovery was expected, as coverage applied only to **immediate response costs**, not long-term losses. The attack exposed vulnerabilities in Co-op’s **IT infrastructure**, particularly in its **Food business**, prompting structural reforms. Group revenue declined **2.1% YoY** (£5.6bn → £5.4bn), though net debt reduced significantly from **£1bn (2021) to £43m**. Leadership acknowledged the attack’s **severe operational and financial consequences**, emphasizing ongoing efforts to mitigate future cyber risks.
Source: https://finance.yahoo.com/news/co-operative-group-reports-h1-152119359.html
TPRM report: https://www.rankiteo.com/company/the-co-op-group
"id": "the1692016092625",
"linkid": "the-co-op-group",
"type": "Cyber Attack",
"date": "6/2021",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'customers_affected': '6.5 million (member customers)',
'industry': ['retail', 'funeral services'],
'location': 'United Kingdom',
'name': 'Co-operative Group (Co-op)',
'size': 'large (£5.4bn revenue in H1 2025)',
'type': ['retailer', 'funeral services provider']}],
'data_breach': {'data_exfiltration': 'yes (theft of personal data)',
'number_of_records_exposed': '6.5 million (member customers)',
'personally_identifiable_information': 'yes',
'sensitivity_of_data': 'high',
'type_of_data_compromised': ['personally identifiable '
'information (PII)']},
'date_detected': '2025-04',
'description': 'The Co-operative Group reported an £80m ($107m) hit to its H1 '
'2025 operating profits due to a cyber attack in April 2025. '
'The attack disrupted IT systems, caused payment issues, '
'product shortages, and led to the theft of personal data from '
"6.5 million member customers. The group's funeral homes "
'reverted to paper-based operations, and stores faced empty '
'shelves. The incident contributed to a £206m impact on sales '
'revenue and a £75m underlying pre-tax loss for H1 2025, '
'compared to a £3m profit in the same period the prior year. '
'The full-year profit impact is projected at £120m, with '
'limited insurance recovery.',
'impact': {'brand_reputation_impact': 'significant challenges noted by Co-op '
'chair Debbie White; incident described '
"as 'malicious'",
'data_compromised': {'personal_data': {'customers_affected': '6.5 '
'million '
'(member '
'customers)',
'type': ['personally '
'identifiable '
'information '
'(PII)']}},
'financial_loss': {'full_year_profit_impact': '£120m',
'insurance_recovery': 'limited',
'one_off_costs': '£20m',
'operating_profit_impact': '£80m (H1 2025)',
'pre_tax_loss': '£75m (H1 2025, vs £3m profit '
'in H1 2024)'},
'identity_theft_risk': 'high (due to theft of personal data from '
'6.5 million customers)',
'operational_impact': ['payment disruptions',
'widespread product shortages',
'empty shelves in stores',
'funeral homes reverted to paper-based '
'operations'],
'revenue_loss': {'group_revenue_decline': '2.1% (from £5.6bn in H1 '
'2024 to £5.4bn in H1 '
'2025)',
'sales_revenue_impact': '£206m'},
'systems_affected': ['IT systems (retailer)',
'payment systems',
'inventory management systems',
'funeral home operations (reverted to '
'paper-based)']},
'lessons_learned': ['Highlighted strengths but also areas needing focus, '
'particularly in the Food business.',
'Need for refining member and customer proposition.',
'Importance of structural changes to the business for '
'long-term success.',
'Disciplined investment approach to manage cyber impact.'],
'post_incident_analysis': {'corrective_actions': ['Refining member and '
'customer proposition.',
'Structural changes to the '
'Food business.',
'Disciplined investment '
'approach to reduce cyber '
'impact in H2 2025.']},
'recommendations': ['Continue refining member and customer propositions.',
'Implement structural changes in the Food business.',
'Maintain a disciplined investment strategy to mitigate '
'future cyber risks.',
'Enhance cyber resilience measures to prevent similar '
'incidents.'],
'references': [{'source': 'Retail Insight Network (GlobalData)'}],
'response': {'incident_response_plan_activated': 'yes (front-end elements of '
'cyber insurance utilized '
'for immediate response)',
'remediation_measures': ['refining member and customer '
'proposition',
'structural changes to the Food '
'business',
'disciplined approach to investment to '
'manage cyber impact in H2 2025'],
'third_party_assistance': 'yes (technology space third parties '
'via cyber insurance)'},
'title': 'Co-operative Group Cyber Attack (April 2025)',
'type': ['cyber attack', 'data breach', 'operational disruption']}