Fruit and veg shelves 90% empty in Caithness Coops after teen group’s cyber attack

Published: 16:13, 09 May 2025

Shoppers in Wick and Thurso have been shocked to find empty shelves at their Coop supermarkets after this week’s hacking issue.

Shelves at Wick’s Coop that would normally have been filled to the gunwales with an assortment of fruit and vegetables carried a few onions, apples, peppers and melons but were around 90 per cent empty yesterday afternoon. Thurso shoppers say that their local store has been similarly affected.

An information card beside one shelf said: “Customer Information: Sorry, we’re having some availability issues which will be resolved shortly.”

The fruit and veg shelves at Wick's Coop are almost completely empty after this week's hacking issue. Picture: DGS

On Tuesday, a Coop spokesperson said the supermarket apologises to Caithness shoppers for the lack of products in its Wick and Thurso stores after this week’s cyber attack.

Cyber criminal group DragonForce said it had infiltrated the Coop's IT systems and stolen a large amount of customer and employee data, including usernames, passwords, and the personal details of approximately “20 million members”.

Just a few battered looking onions and some garlic available at this area. Picture: DGS

The cyber criminals claim the hack is more extensive than the Coop initially stated, providing evidence of infiltrated IT networks and stolen data. The supermarket had initially downplayed the issue, claiming there was "no evidence that customer data was compromised".

However, the Coop eventually admitted that hackers had accessed data belonging to a "significant number" of past and present members. DragonForce further claims to have obtained the data of 20 million Coop members and also states they are behind the ongoing attack on M&S and a failed attempt to hack Harrods.

Not much available at this section in Wick's Coop supermarket on Thursday afternoon. Picture: DGS

Speaking to the Caithness Courier today (May 9), a Coop spokesperson said: "All our stores are open and trading and we are now making deliveries to all of our stores, flowing in an increased level of fresh, chilled and frozen products alongside cupboard essentials.

“Some of our stores might not have all their usual products available and we are sorry if this is the case for our members and customers in their local store. We are working around the clock to reduce disruption and are pleased we have resumed delivery of stock to our shelves."

Wick Coop had little fruit and veg. Picture: Alan Hendry

The supermarket says that due to the “sustained malicious attempts by hackers to access” its systems, it has taken proactive steps to keep these safe. The issue has “temporarily impacted” its staff and deliveries.

The store says that it thanks its colleagues, members, customers, and suppliers “for their understanding during this time”.

The recent cyber attacks are reportedly associated with a criminal group identified as Scattered Spider. This group is believed to consist of teenagers based in both Britain and the US.

The hackers are believed to consist of teenagers based in both Britain and the US. Picture: AdobeStock

Further information suggests that the hackers employed social engineering tactics, specifically deceiving employees into initiating password resets, as reported by the cybersecurity news platform BleepingComputer.

In response to these events, cybersecurity specialists from the National Cyber Security Centre and the National Crime Agency have been actively providing assistance to the affected retailers in addressing the situation.

Grab your first year of a Digital+ subscription for £20, available to new subscribers using the promo code DAVIDGSCOTT

Business Crime Latest News Update me David G Scott