Spar forced to close a number of stores following cyber attack

Spar forced to close a number of stores following cyber attack. Image Credit: Spar

Image:
Spar forced to close a number of stores following cyber attack. Image Credit: Spar

More than 300 branches have been affected as a result of the attack

A cyber attack has forced convenience store chain Spar to close some of its shops in the UK.

The attack occurred on Sunday, and targeted James Hall & Company, which operates Spar's tills and IT systems and provides stocks to hundreds of Spar sites across the north of England.

More than 300 branches of the grocery chain were affected as a result of the attack, according to the BBC, although some avoided closing by switching to cash payments.

The company's IT staff worked through the Sunday night to try to fix the problems.

A Spar spokesperson said that the incident impacted all IT systems in the company, leaving the staff without access to emails.

Some branches of the supermarket later started accepting cash, although the rest were forced to close completely.

Spar said the online attack affected stores' ability to process card payments.

The company apologised to customers for the inconvenience caused and said that they were working to resolve the issue as quickly as possible.

One Spar branch on Monday afternoon tweeted that there was "no time set to be back online".

"Unfortunately due to a total IT outage affecting all our stores we have had to remain closed all day Sunday with no time set to be back on line - our apologies for the massive inconvenience to all our customers and store teams," Spar Lawrence Hunt & Co Ltd., which operates 25 branches across Lancashire, stated.

A spokesperson for the UK's National Cyber Security Centre (NCSC) said they were aware of the security incident impacting Spar stores and had been working with partners (Lancashire Police) to fully understand the issue.

"The NCSC has published guidance for organisations on how to effectively detect, respond to and resolve cyber incidents," the spokesperson added.

However, this not the first instance of a retail chain having been targeted in a cyber attack.

In October, Britain's biggest supermarket Tesco also suffered a similar attack, leaving thousands of shoppers unable to buy groceries or track their orders online at Tesco stores for two days.

The problem occurred after someone tried to "interfere" with Tesco IT systems. At the time, the firm told customers there was "no reason" to believe any customer data was compromised as a result of the security incident.

In March 2020, Tesco was forced to block 620,000 Clubcards after discovering a credential stuffing attack on its platform.

The firm said it noticed fraudulent activity where scammers used its website to test a database of usernames and passwords. The database was likely stolen from another platform, but it might have worked in cases where customers used the same username and password, Tesco warned.

In July, some 500 Coop supermarket stores in Sweden were forced to close following Kaseya ransomware attack that affected hundreds of organisations around the world.