Cyberattack forces supermarket Spar to close some stores

The retailer has been forced to close a number of stores following what it describes as an "online" attack.
Written by Danny Palmer, Senior Writer

A cyberattack has forced supermarket chain Spar to close some of its UK stores.

The retailer, which has 2,600 locations in the UK, said it has been hit by what it describes as an "online attack", leaving some stores without the ability to take payments by card.

"There has been an online attack on our IT systems which is affecting stores' ability to process card payments, meaning that several Spar stores are currently closed. We apologise for any inconvenience, we are working as quickly as possible to resolve the situation," Spar UK said in a tweet sent to customers asking why branches of the store in areas of the country, including Yorkshire and Lancashire, were closed.

SEE: A winning strategy for cybersecurity (ZDNet special report)

Some stores appear to have been suffering issues since Sunday, meaning that this is a multi-day incident. One customer commented that stores with accompanying petrol stations were also closed.

It's currently unclear what sort of "online attack" has forced the stores to close, but a Spar spokesperson confirmed that a number of stores have been affected by a cyberattack against James Hall & Co Ltd, a business that supplies Spar stores across the north of England.

"James Hall & Company are currently aware of an online attack on it's IT system. This has not affected all SPAR stores across the North of England, but a number have been impacted over the past 24 hours and we are working to resolve this situation as quickly as possible," said a Facebook post by Spar Oswaldtwistle.

ZDNet has attempted to contact James Hall & Co, but hadn't received a response at the time of publication. The website of the company is also down at the time of writing. 

"We are aware of an issue affecting Spar stores and are working with partners to fully understand the incident," an NCSC spokesperson told ZDNet. 

"The NCSC has published guidance for organisations on how to effectively detect, respond to, and resolve cyber incidents."


Editorial standards