2. Co-op
When: May
What happened?
One of three major retailers featured in this rundown, Co-op suffered a coordinated cyber-attack that halted tills across 2,300 stores and disrupted supply chains.
Who nominated it, and why?
Four of our panellists felt this cyber-attack is among the year’s most significant in the shape of Red Helix CEO Marion Stewart, Secon CEO Rob Gupta, Cyberfort CEO Glen Williams and Computacenter Chief Technologist – Networking, Security & Unified Communications, Dr Colin Williams.
Invited to expand on his thinking, Computacenter’s Williams said the Co-op cyber-attack was one of the few to impinge on his day-to-day life.
“It became personal for me as a daily shopper on my way to and from work and therefore affected me as a customer with tills not functioning and rapidly emptying shelves,” he explained.
Stewart was on the same wavelength as Williams.
“Unlike many cyber incidents that happen behind the scenes, this one caused visible disruption – shelves went unstocked, deliveries were missed, and staff were unable to carry out day-to-day tasks,” she said.
“The Co-op incident highlighted just how fast a cyber event can escalate into a reputational and operational crisis,” Gupta added.
Channel takeaway:
What lessons can MSSPs and cyber providers glean from this particular attack?
With social engineering rumoured to be a tactic used by the attackers to gain a foothold into the organisation, Co-op’s misfortunes highlight the importance of identity protection, Computacenter’s Williams said.
“It reinforces the need for businesses to view cybersecurity through a risk lens, prioritising threat modelling, response readiness, and the board-level visibility that’s essential for effective mitigation,” Gupta chipped in.
“Expert MSPs like Red Helix could have helped prevent the Co-op breach by implementing real-time threat detection, secure network monitoring, and robust backup systems to maintain operational continuity during an attack,” Stewart said, meanwhile.
“They would also have supported strong access controls and incident response planning, reducing the risk of disruption and data loss which would have mitigated the issues on supply chain. Regular scenario testing exercise could also have greatly helped with the response actions and prevented the consumer impact that was felt across the country, hitting some isolated communities very hard.”
One cyber-attack was considered more significant by our leadership panel. See final page for more…
