The U.K.-based Co-operative Group has revealed the full financial impact of the Scattered Spider cyberattack, confirming that the April 2025 incident has cost the organization over $100 million in lost operating profit.
In its interim financial results, Co-op reported an £80 million ($107 million) hit to operating profit. The losses break down into £20 million in one-off recovery and remediation costs and £60 million in lost sales during system outages. In total, the attack caused a £206 million ($277 million) reduction in revenue, as the group faced significant disruption to its operations during the prolonged recovery period.
Ongoing Financial Fallout of the Co-Op Cyberattack
The company warned that the cyberattack will continue to weigh on its performance for the remainder of the year. Co-op expects another £20 million in losses during the second half of 2025 as the recovery process continues, with ongoing investment required to restore systems, improve resilience, and prevent future breaches.
Co-op is one of the largest member-owned co-operative groups in the United Kingdom, operating over 2,300 food retail stores and 59 franchise outlets. In addition to its retail operations, the group provides life services and B2B services, making the incident one of the most disruptive cyber events to hit a major U.K. consumer-facing organization this year.
Co-Op Cyberattack Details and Operational Impact
The April attack forced Co-op to shut down parts of its IT systems to contain the breach, resulting in limited disruption to back-office and call-center services. While store operations remained largely unaffected, the outage impacted logistics, supply chain coordination, and customer support, contributing to the significant revenue loss.
“The financial impact of this attack underlines the growing risks posed by sophisticated cybercrime groups like Scattered Spider,” the company stated in its filing, adding that its recovery efforts are still ongoing.
Part of a Growing Trend
The incident adds to a growing list of Scattered Spider attacks targeting major corporations in 2025. The group, known for its advanced social engineering techniques and SIM-swapping campaigns, has been linked to several high-profile breaches this year, including attacks on MGM Resorts and Caesars Entertainment in the United States.
Industry experts warn that organizations in retail and hospitality remain prime targets for financially motivated threat actors due to the sensitive customer data and high operational dependence on IT systems.
Security Implications
The breach underscores the importance of resilient cybersecurity strategies, including multi-factor authentication, continuous monitoring, and strong incident response plans. Analysts recommend that organizations review their vendor access, implement employee phishing awareness training, and prepare contingency plans for extended outages.
