Ash Street Co-op Still Suffering Fallout From Cyber Attack

Published on: 7 May, 2025
Updated on: 13 May, 2025

The Co-op in Ash Street, Ash

By David Reading

The Co-op in Ash Street, Ash, is one of those still being severely affected by the cyber attack that has hit deliveries in many Co-op stores across the UK.

A statement issued today (May 7) by the Co-op’s Ash team said the attack was “vastly impacting us instore and our shelves in certain sections are bare. Ash Street has received no depot deliveries since last Thursday.”

Today vegetable shelves and parts of the chilled goods section were almost empty, although other shelves were well stocked. Bakery goods, for example, are delivered by other companies and are therefore unaffected.

Pat McFadden

Cabinet Minister Pat McFadden today warned that “the cyber attacks on M&S, Co-op and Harrods should be a wake-up call” as he announced a cybersecurity investment boost. McFadden is Chancellor of the Duchy of Lancaster, a senior cabinet position typically held by a close ally of the Prime Minister entrusted to support the delivery of current priorities.

According to some reports, the hacking groups are thought to be composed of British and US teenagers and are part of wider attacks on British retail. M&S and Harrods are both reported to have been affected.

Yesterday, an assistant in M&S on Guildford High Street was heard to say that their cyber-attack problems had not yet been fully resolved and it was affecting the store’s stock and sales recording, However there appeared to be no gaps on the shelves.

The Ash Co-op statement said: “We are doing everything we can to keep some service going. We still can process paypoint transactions. We are getting bread and sandwiches. Fingers crossed we will be receiving some depot stock tomorrow but no chilled until Friday, I believe.

“I hope you understand there is not a lot we can do apart from smile and soldier on while our IT colleagues sort this out this mess.”

The Co-op’s CEO, Shirine Khoury-Haq, put out a statement nationally describing the criminals perpetrating the attacks as “highly sophisticated”.

The statement added: “Actively managing the severity of the attack has meant shutting down some of our systems to protect the organisation.

“That said, our front-line colleagues are focused on minimising any disruption that might be experienced by our members and customers.

“As previously communicated, we have established that the cyber-criminals were able to access a limited amount of member data. This is obviously extremely distressing for our colleagues and members, and I am very sorry this happened.”

Another statement on May 2 said: “This data includes Co-op Group members’ personal data such as names and contact details, and did not include members’ passwords, bank or credit card details, transactions or information relating to any members’ or customers’ products or services with the Co-op Group.”

A Co-op spokesperson told the BBC that deliveries to its stores were impacted by the “sustained malicious attempts by hackers to access our systems”.

“We are working around the clock to reduce disruption and resume deliveries,” the spokesperson said.