The Co-op cyberattack has been confirmed to be more severe than initially thought, involving the theft of personal data from numerous current and former customers. The hackers accessed a database containing sensitive information, but not passwords or financial details. Investigations indicate that the attack involved social engineering methods similar to those used in previous attacks such as that on Marks and Spencer. Affected: Co-operative Group
Keypoints :
- The Co-op confirmed that a cyberattack resulted in the theft of personal data of many current and past customers.
- The attack involved social engineering, allowing hackers to reset an employee’s password to breach the network.
- The DragonForce ransomware operation is responsible for the attack, claiming to have data from 20 million individuals in Co-op’s reward program.
- Co-op is working with Microsoft DART and KPMG to rebuild its IT infrastructure and enhance security measures.
- Post-attack, Co-op advised employees to exercise caution with sensitive data on Microsoft Teams.
- DragonForce utilizes ransomware-as-a-service models, collaborating with other cybercriminals to extort victims.
- The group is associated with tactics commonly linked to threats identified as “Scattered Spider” or “Octo Tempest.”
- Recent arrests have targeted original perpetrators of these tactics, but new attackers are using similar methods.
- Cybersecurity experts are providing guidance on defense strategies against Scattered Spider-style attacks.