The Co-op has been hit with an attempted hack of its systems as fellow British retailer Marks & Spencer (M&S) continues to grapple with the ongoing impacts of a cyber-attack that has caused chaos for the retailer since last week.

According to The Guardian, Co-op told staff in a letter that it had “pre-emptively withdrawn access to some systems for the moment” to keep them safe.

The report said that the company had closed down several business services for staff operating stores and its legal services division, while the stock monitoring system is also thought to be impacted.

A source told the newspaper that some staff have been unable to work from home since Wednesday after Co-op blocked of remote access across several systems.

They also warned that if the issue is not resolved soon, stores could have missing stock on the shelves.

“We have recently experienced attempts to gain unauthorised access to some of our systems," said a Co-op spokesperson. “As a result, we have taken proactive steps to keep our systems safe, which has resulted in a small impact to some of our back office and call centre services."

The retailer assured customers that all of its stores, including quick commerce operations and funeral homes, are trading as usual.

It added that it is not asking its staff or customers to do anything differently at this time.

Sam Kirkman, director of services EMEA at security technology company NetSPI, said that the back-to-back nature of the Co-op and M&S incidents should serve as a "wake-up call" for the industry.

“Hot on the heels of the serious cyber breach at M&S, the attempted attack on Co-op underscores the heightened threat environment UK retailers are currently facing," he said.

The security expert went on to say that Co-op's decision to take part of its systems offline is designed to protect critical infrastructure and minimise potential disruption, rather than an indication that the situation has worsened.

“These incidents are a reminder of how complex the IT landscape is for major retailers," continued Kirkman. "With so many systems tightly connected across in-store and online operations, a problem in one area can quickly impact others."

The move comes after M&S faced what is understood to be a ransomware attack by a criminal gang last week which has since impacted online orders, Click & Collect, and contactless payments.

The retailer stopped taking online orders last Friday as part of what it described as "proactive management" of the incident.

The company's shares fell by two per cent on Monday, having already dropped as much as eight per cent since the cyber issue was first disclosed on 22 April.

Earlier this week, the retailer instructed approximately 200 agency staff at its Castle Donington distribution centre in central England to stay home.

Agency workers, who typically support the warehouse during busier periods and constitute about 20 per cent of the distribution centre's workforce, were told not to come in, according to a person familiar with the situation. The company's permanent employees at the site have been instructed to report to work as normal.

It also blocked remote workers from accessing internal systems.

M&S, which sells premium groceries alongside clothing and home products, is scheduled to publish its full-year results on 21 May.

---