Co-op Cyber-Attack Costs Retailer Over £206m, Forcing Major Losses
The Co-op has revealed that the devastating cyber-attack it suffered earlier this year has already cost the business at least £206 million in lost revenue, marking one of the most damaging cybersecurity breaches in the UK retail sector to date.
The attack, which struck in April 2025, crippled the company’s IT networks, disrupted digital payments, emptied store shelves, and exposed sensitive customer data. Co-op officials said the malicious breach caused “significant challenges” across its food stores and funeral services, creating ongoing difficulties for both staff and shoppers.
A Heavy Blow to Business Performance
In its financial report covering the six months to 5 July 2025, the Co-op confirmed a £75 million pre-tax loss, a sharp contrast to the £3 million profit it posted during the same period last year. Chair Debbie White described the incident as “malicious” and warned that the overall financial toll may climb further in the second half of the year.
The retailer’s group revenue dropped to £5.48 billion, compared with £5.6 billion in the same period of 2024. Alongside the cyber-attack, rising staffing costs, tighter regulations, and economic pressures linked to the cost-of-living crisis added to the financial strain.
White emphasized that despite the setback, the Co-op intends to rebuild stronger:
“We must now focus on coming back better and more resilient to meet both the challenges and opportunities that lie ahead.”
Disruption on the Ground
The April attack triggered visible chaos across Co-op’s stores nationwide. Customers in both urban and rural communities faced shortages of food and everyday essentials, while card payment systems failed in many outlets.
The impact was particularly severe in rural towns where the local Co-op often serves as the primary supermarket. Funeral homes, another critical part of the business, were also forced to temporarily return to manual, paper-based systems to keep services running.
Initially, the company played down the scale of the breach, but later admitted that all 6.5 million Co-op members had their data stolen.
Chief executive Shirine Khoury-Haq acknowledged that while the response highlighted the business’s resilience, it also revealed weaknesses:
“This incident showed the strength of our teams and systems under pressure, but it also highlighted areas we must focus on—especially within our Food division.”
Wider Cybersecurity Threats in UK Retail
The Co-op cyber-attack was not an isolated incident. Around the same period, other major retailers, including Marks & Spencer and Harrods, were also targeted. Marks & Spencer suffered a larger financial hit of around £300 million after being forced to suspend all online sales for six weeks.
By comparison, the Co-op was able to resume normal trading faster, having detected and contained the breach earlier. Cybersecurity experts noted that this quick action may have prevented ransomware deployment, which could have inflicted even greater damage.
Speaking anonymously to the BBC, hackers who claimed responsibility said they had infiltrated Co-op’s networks long before detection. However, the retailer’s decision to disconnect its IT systems from the internet in time stopped the attackers from encrypting critical files.
Ongoing Risks Beyond Retail
The Co-op attack came amid a broader wave of cyber incidents across industries. At the end of August, Jaguar Land Rover (JLR) also suffered a severe breach that forced the company to shut down its IT networks and halt production at UK factories. JLR has since warned that operations may remain suspended until October at the earliest, affecting both employees and suppliers.
These events highlight how cybercrime has evolved into a national-scale threat, capable of paralyzing critical businesses, disrupting supply chains, and putting millions of customers at risk.
Pressure from Other Challenges
Even before the attack, the Co-op was under financial strain. In April, the group had already warned of more than £200 million in upcoming costs for 2025, including £80 million attributed to shoplifting. Rising energy bills, higher wages, and fragile consumer confidence due to inflation were adding further pressure on profitability.
The cyber-attack only magnified these issues, putting greater stress on day-to-day operations and forcing management to rethink long-term resilience strategies.
The Road Ahead
The Co-op insists it is committed to learning from the incident and strengthening defenses. The group is working to rebuild customer trust, enhance its cybersecurity measures, and improve contingency planning across its operations.
White said the crisis underscored the importance of investing in both technological resilience and operational agility:
“This has been a deeply challenging period for our colleagues and members. But as we rebuild, we will ensure the Co-op is better equipped to handle the risks of the future.”
With retail giants increasingly targeted by hackers, the Co-op’s experience serves as a warning to businesses across the UK. The financial hit, reputational damage, and customer data breach show how cyber-attacks can derail even the most established brands.
Conclusion
The Co-op cyber-attack of 2025 marks a turning point for the retailer, forcing it into heavy losses and exposing vulnerabilities in its systems. While the business managed to restore operations faster than some rivals, the fallout continues to weigh on finances and customer trust.
As cyber threats intensify, UK retailers and other industries face a stark reality: cybersecurity is no longer an optional investment—it is a necessity for survival in the digital age.