What: Co-op faces significant cybersecurity crisis as hackers access internal systems and customer database, compromising personal data of millions while attempting extortion through direct executive contact.

Why it is important: "This incident demonstrates the evolving sophistication of retail cyber threats, where attackers combine system breaches with direct executive communication to maximise impact and leverage.

The cyberattack against Co-op has proven more severe than initially reported, with hacking group DragonForce claiming access to personal data of up to 20 million individuals through the retailer's membership scheme. The hackers demonstrated their breach by sharing evidence of direct communication with Co-op's head of cyber security via Microsoft Teams on April 25, where they claimed to have exfiltrated customer database and membership card information. In response, Co-op has implemented enhanced security measures, including mandatory camera use during virtual meetings and participant verification protocols. The company has confirmed the compromise of current and former members' data, including names, addresses, email addresses, phone numbers, and membership details, though passwords and payment information were reportedly not affected. The incident has prompted involvement from the National Cyber Security Centre and National Crime Agency, with government officials emphasising the critical importance of cybersecurity in retail operations.

IADS Notes: The Co-op data breach represents a significant escalation in retail cybersecurity threats. According to RH-ISAC in April 2025 , ransomware accounts for 30% of retail security incidents, with average losses reaching $1.4 million per attack, while third-party breaches represent 41% of reported incidents. Inside Retail's March 2025 analysis  highlighted how a single security update failure resulted in $5.4 billion in losses for Fortune 500 companies, demonstrating the catastrophic potential of such breaches. Drapers' April 2025 coverage  of the M&S cyber incident, which wiped £700 million off their market value, shows how these attacks can severely impact business valuations and operations. Forbes' February 2025 report  revealed that while 86% of retailers use third-party tools, only 13% fully understand what data these systems collect, highlighting a critical vulnerability that groups like DragonForce exploit. The Co-op incident, affecting up to 20 million individuals and involving sophisticated social engineering through internal communication systems, demonstrates how modern cyber threats combine technical exploitation with human factors to breach retail security.

Co-op cyberattack far worse than first claimed