Multiple Location Supermarket Suffers Supply Chain Attack

Uploaded on 2021-12-07 in TECHNOLOGY--Hackers, FREE TO VIEW

A cyber attack has simultaneously hit more than 300 Spar convenience stores across the north of England in an apparent supply chain attack, forcing many of them to revert to cash-only payments while others chose to close their doors to customers. The attack hit the company’s computer systems, causing a “total IT outage” that has prevented staff from taking card payments and locked them out of emails.

The attack targeted James Hall & Company in Preston, Lancashire, which operates Spar's tills and IT systems and the affected stores have been able to handle card payments. The company supplies products to around 600 Spar stores. 

The UK  National Cyber Security Centre (NCSC) and Lancashire Police are investigating. A spokesman for Sparb said: "We are aware of an issue affecting Spar stores and are working with partners to fully understand the incident... We are working to resolve this situation as quickly as possible."

This isn't the first time a supermarket chain has been brought to its knees by a cyber attack. In July hackers caused 500 Co-op stores in Sweden to close as tills and self-service machines were taken down as one of the international effects of the massive Kaseya supply chain attack. In that case, it was the Co-op supermarket's IT supplier that was hit with ransomware.

The question for James Hall is now the one all cyber attack victims dread - whether or not to to pay the  criminals to get the  shops back online?

For the hundreds of thousands of Spar customers affected by the hack the urgent question is when will their local stores open again?  It has more than 2,500 stores in the UK that employ about 40,000 people and has an annual turnover of more than £3bn. At the time of writing both the Spar and the James Hall &Co websites were inaccessible.

NCSC:     LEP:      ITPro:      ZDNet:    BBC:    Guardian:    Telegraph:     Times:    Cumbria Crack

You Might Also Read:

Why Is Retail Cyber Security So Weak?:

 

« Cyber Attacks Should Be The #1 Concern For Business Leaders
Twitter Takes-Down Thousands Of Propaganda Accounts »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Orolia

Orolia

Orolia are experts in deploying high precision GPS time through network infrastructure to synchronize critical operations.

Copper Horse Solutions

Copper Horse Solutions

Copper Horse specialises in mobile and IoT security, engineering solutions throughout the product lifecycle from requirements to product security investigations.

PKWARE

PKWARE

PKWARE is a global leader in business data security, providing encryption and compression solutions to enterprise customers and government entities around the world.

RevenueStream

RevenueStream

RevenueStream uses an innovative algorithmic approach to intercept and prevent payment fraud before it even happens.

Torsion Information Security

Torsion Information Security

Torsion is an innovative information security and compliance engine, which runs either in the cloud or your data centre.

Cybersecurity Advisors Network (CyAN)

Cybersecurity Advisors Network (CyAN)

CyAN provides a not-for-profit platform that helps private and public organisations as well as governments to identify trusted advisors in the area of Cyber Security and Cyber Crime.

RCDevs

RCDevs

RCDevs is an award-winning Software company providing security solutions designed for modern enterprise technologies and suited for SMEs to large corporations.

Advisera 27001Academy

Advisera 27001Academy

Advisera is a market leader in providing documentation and online support for the implementation of business standards including ISO 27001, ISO 22301 and EU GDPR.

DarkLight

DarkLight

DarkLight is a cybersecurity platform that mimics human thinking at scale to build resiliency to Advanced Persistent Threats.

Sovrin Foundation

Sovrin Foundation

The Sovrin Foundation is a private-sector, international non-profit that was established to govern the world's first self-sovereign identity (SSI) network.

Association of anti Virus Asia Researchers (AVAR)

Association of anti Virus Asia Researchers (AVAR)

AVAR's mission is to prevent the spread of and damage caused by malicious software, and to develop cooperative relationships among anti-malware experts in Asia.

LGMS - LE Global Services

LGMS - LE Global Services

LGMS is a leading cyber security penetration testing and assessment firm in the Asia Pacific region.

SolidRun

SolidRun

SolidRun is a leading provider of computing and network technology designed to streamline the deployment of edge computing infrastructure and support embedded and IoT markets.

Prime Technology Services

Prime Technology Services

Prime Tech are a group of Red Hat, Microsoft & Cisco Certified IT Professionals with an impressive track record of consistently delivering value to our corporate clients.

ZEUSS

ZEUSS

ZEUSS is a diversified data center, cybersecurity, and green energy company.

Simbian

Simbian

Simbian, with its hardened TrustedLLM system, is the first to accelerate security by empowering every member of a security team from the C-Suite to frontline practitioners.