Breach, Data Security

The Co-op hack far worse than first reported

Data Leaks

BleepingComputer reports that the recent cyberattack on UK retail group The Co-operative Group, or Co-op, is more serious than previously disclosed, with hackers successfully stealing data from current and former members, including names and contact details, though no financial or password information was taken.

Such a breach was previously reported to be attributed to affiliates of the DragonForce ransomware group, which claims to have stolen data on 20 million individuals. The attackers exploited a social engineering tactic to reset an employee's password and gain access to internal systems, ultimately extracting Active Directory password hashes. The Co-op is now rebuilding its Windows domain controllers and bolstering defenses in collaboration with Microsoft DART and KPMG. The incident bears striking similarities to recent attacks on Marks & Spencer and Harrods, also linked to DragonForce affiliates. These attackers are believed to be part of the broader Scattered Spider cybercrime community, known for using aggressive extortion tactics and sophisticated entry methods like SIM swapping and MFA fatigue.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds