Multiple Location Supermarket Suffers Supply Chain Attack

Uploaded on 2021-12-07 in TECHNOLOGY--Hackers, FREE TO VIEW

A cyber attack has simultaneously hit more than 300 Spar convenience stores across the north of England in an apparent supply chain attack, forcing many of them to revert to cash-only payments while others chose to close their doors to customers. The attack hit the company’s computer systems, causing a “total IT outage” that has prevented staff from taking card payments and locked them out of emails.

The attack targeted James Hall & Company in Preston, Lancashire, which operates Spar's tills and IT systems and the affected stores have been able to handle card payments. The company supplies products to around 600 Spar stores. 

The UK  National Cyber Security Centre (NCSC) and Lancashire Police are investigating. A spokesman for Sparb said: "We are aware of an issue affecting Spar stores and are working with partners to fully understand the incident... We are working to resolve this situation as quickly as possible."

This isn't the first time a supermarket chain has been brought to its knees by a cyber attack. In July hackers caused 500 Co-op stores in Sweden to close as tills and self-service machines were taken down as one of the international effects of the massive Kaseya supply chain attack. In that case, it was the Co-op supermarket's IT supplier that was hit with ransomware.

The question for James Hall is now the one all cyber attack victims dread - whether or not to to pay the  criminals to get the  shops back online?

For the hundreds of thousands of Spar customers affected by the hack the urgent question is when will their local stores open again?  It has more than 2,500 stores in the UK that employ about 40,000 people and has an annual turnover of more than £3bn. At the time of writing both the Spar and the James Hall &Co websites were inaccessible.

NCSC:     LEP:      ITPro:      ZDNet:    BBC:    Guardian:    Telegraph:     Times:    Cumbria Crack

You Might Also Read:

Why Is Retail Cyber Security So Weak?:

 

« Cyber Attacks Should Be The #1 Concern For Business Leaders
Twitter Takes-Down Thousands Of Propaganda Accounts »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Rambus Security Division

Rambus Security Division

Rambus Security Division solutions span areas including tamper resistance, content protection, network security, mobile payment, smart ticketing, and trusted provisioning services.

Cifas

Cifas

Cifas are leaders in fraud prevention, working closely with UK law enforcement partners.

Cybercrypt

Cybercrypt

Cybercrypt is a world leading system provider in robust cryptography. Protecting critical assets, applications and sensitive data.

Acalvio Technologies

Acalvio Technologies

Acalvio provides Advanced Threat Defense (ATD) solutions to detect, engage and respond to malicious activity inside the perimeter.

Trulioo

Trulioo

Trulioo is a leading global identity and business verification company providing secure access to data sources worldwide to instantly verify consumers and businesses online.

Prove & Run

Prove & Run

Prove & Run provides a patented software development toolchain that is specifically forged to deal with the complex security properties of sensitive software components.

Prescient

Prescient

Prescient’s Cyber solutions supplement your firm’s existing data security infrastructure with specialized investigations that identify unconventional cyber risks.

JaCIRT

JaCIRT

JaCIRT is the national Cyber Incident Response Team for Jamaica, established to deliver on the mandate outlined in the GoJ’s National Cyber Security Strategy.

Blumira

Blumira

Blumira provides comprehensive, hybrid cloud security monitoring and reporting for organizations of all sizes, enabling them to detect and respond to cloud security threats quickly and effectively.

Noetic Cyber

Noetic Cyber

Noetic provides a proactive approach to cyber asset and controls management, empowering security teams to see, understand, and optimize their cybersecurity posture.

Tidal Cyber

Tidal Cyber

We formed Tidal for one simple reason—we believe that defenders need and deserve tools and services that make achieving the benefits of threat-informed defense practical and sustainable.

Global Resilience Federation (GRF)

Global Resilience Federation (GRF)

GRF builds, develops and connects security information sharing communities for mutual defense.

Mediatech

Mediatech

Mediatech, specialized in managed Cybersecurity and Cloud services, a single point of contact for your company's IT and infrastructure.

Jitterbit

Jitterbit

Jitterbit integrates critical business processes and enables application development to deliver the experiences and insights needed by enterprises of all sizes to accelerate their digital journey.

Interlynk

Interlynk

Interlynk's #SBOM and # VEX-powered platform automates and continuously monitors first-party and vendor software supply chains and helps meet #FDA, #CRA, #GSA, and #DoD compliance obligations.

EGUARDIAN

EGUARDIAN

EGUARDIAN serves as a Value-Added Distributor and technology enabler in the APAC region with the aim of further expanding globally and cater to the needs of the demands with the emerging technology.

Rite-Solutions

Rite-Solutions

Rite-Solutions is an award-winning software development, systems engineering, and information technology firm.