DiscoverThe Small Business Cyber Security Guy | UK Cybersecurity for SMB & Startups£80M Blow: How Teenagers and One Phone Call Bankrupted Co-op's Cybersecurity
£80M Blow: How Teenagers and One Phone Call Bankrupted Co-op's Cybersecurity

£80M Blow: How Teenagers and One Phone Call Bankrupted Co-op's Cybersecurity

Update: 2025-09-25
Share

Description

Co-op's CEO has just confirmed that their cybersecurity disaster cost £80 million. The attackers? Teenagers are using basic social engineering. In this Hot Takes episode, we break down how "We've contained the incident" turned into an £80 million earnings wipeout, and why the final bill could reach £400-500 million once legal claims are settled.


This isn't just another breach story - it's a wake-up call for every UK business owner who thinks "it won't happen to us."


Key Topics Covered

The Attack Breakdown [0:30 ]



  • April 2024 attack by the Scattered Spider group

  • Social engineering, not sophisticated exploits

  • 6.5 million members affected (100% of Co-op members)

  • 2,300 stores disrupted, 800 funeral homes on paper systems


The Real Cost [1:45 ]



  • £80 million confirmed earnings impact

  • £206 million total sales impact

  • £20 million in direct incident costs

  • Zero cyber insurance coverage


Why It Could Get Much Worse [2:30 ]



  • Pending ICO fine: £15-20 million likely

  • Individual GDPR compensation claims: £25-£150 per person

  • Potential £325 million member compensation exposure

  • Final bill estimate: £400-500 million


Lessons for UK Small Businesses [3:15 ]



  • Social engineering beats technical defences

  • Cyber insurance is essential, not optional

  • Business continuity failures amplify costs

  • Training matters more than firewalls


Key Statistics

  • £80 million - Confirmed earnings impact

  • 6.5 million - Customers affected (every single member)

  • £12 - Cost per affected customer (low by UK standards)

  • £325 million - Potential member compensation exposure

  • 17-20 years old - Age of arrested suspects

  • 2,300+ - Stores affected by operational disruption


Resources & Links

Full Analysis:

Read the complete breakdown: Link 


Key Sources Cited:



  • ICO Statement on Retail Cyber Incidents

  • Computer Weekly: Co-op breach coverage

  • Insurance Insider: Co-op's lack of cyber coverage

  • UK Government Cyber Security Breaches Survey 2025


Action Items for Listeners

  1. Check your cyber insurance policy - Do you have coverage? Is it adequate?

  2. Review employee training - When was the last time your team received social engineering awareness training?

  3. Test business continuity - Can your operations survive 2 weeks offline?

  4. Read the full blog post - Get all the details and cost breakdowns


Quote of the Episode

"Co-op's disaster isn't a cybersecurity failure. It's a business leadership failure. And if you're listening to this thinking your business is different, you're next."


 

Comments 
In Channel
loading
00:00
00:00
x

0.5x

0.8x

1.0x

1.25x

1.5x

2.0x

3.0x

Sleep Timer

Off

End of Episode

5 Minutes

10 Minutes

15 Minutes

30 Minutes

45 Minutes

60 Minutes

120 Minutes

£80M Blow: How Teenagers and One Phone Call Bankrupted Co-op's Cybersecurity

£80M Blow: How Teenagers and One Phone Call Bankrupted Co-op's Cybersecurity

The Small Business Cyber Security Guy