Co-op cyberattack exposes personal data of 20 million customers, NCA investigates

The Co-op has issued an apology after confirming that hackers accessed and extracted the personal data, including names and contact details, of a significant number of its past and current members. The breach did not involve passwords, bank or credit card information, or transaction data. The retailer is working with the UK's National Crime Agency and National Cyber Security Centre to investigate the incident, which it described as a highly complex and ongoing cyberattack. A ransomware group named DragonForce has claimed responsibility and is seeking to extort money from the company. The Co-op has implemented additional security measures to prevent further unauthorized access while maintaining operations, with most stores and services unaffected. This attack comes amid a wave of similar incidents targeting other major UK retailers, including Marks & Spencer and Harrods, prompting authorities to consider potential links between the cases.