Key Points
- Co-op plans to open 14 new stores, including the first permanent shop at Brent Cross Town, North London.
- Expansion includes five new micro-format ‘on the go’ stores and a franchise store at Lancaster University.
- By Christmas, 50 stores will have been opened or re-opened after refurbishments.
- The group aims to invest over £200 million in store openings and refurbishments during the latest financial year.
- Co-op continues to recover from a major cyber attack in April which affected earnings and sales.
- The cyber attack resulted in data theft of all 6.9 million members and caused around £206 million in lost sales.
- Hackers gained access by impersonating staff but did not install ransomware.
- Co-op calls for urgent business rates reform ahead of the autumn Budget to support high street investment.
- Chief Executive Shirine Khoury-Haq emphasises the need for government action to provide certainty and foster growth.
What are Co-op’s plans for new store openings in North London and beyond?
As reported by a MyLondon news reporter, the Co-op is advancing its expansion with the opening of 14 new stores, including a significant first: becoming the inaugural permanent retailer at the new Brent Cross Town development in North London. This forms part of a broader strategy that also includes five new micro-format ‘on the go’ stores tailored for convenience, and a new franchise outlet at Lancaster University.
The company announced that by Christmas, it would have opened or re-opened 50 stores, reflecting a robust push to revamp and grow its physical retail footprint across the UK.
How is Co-op addressing the impact of its recent cyber attack amid expansion?
According to business coverage by The Guardian, Co-op is recovering from a damaging cyber attack in April which affected its annual earnings by approximately £120 million and led to lost sales of around £206 million. The hackers gained access by impersonating employees to obtain login details, stealing data from all of the group’s 6.9 million members.
Despite the severity of the incident, sources stated that the attackers were unable to deploy ransomware or further compromise the company’s platforms beyond the initial data breach. The cyber attack caused significant disruption, including bare shelves in stores, but the group is moving ahead with its growth plans.
What refurbishments and investments is Co-op making in its store estate?
Bloomberg’s retail correspondent detailed that beyond new store openings, the Co-op will re-open numerous locations that had been closed for significant periods undergoing extensive refurbishments. These refreshed stores will feature new store layouts and updated product ranges designed to enhance the shopping experience.
The overarching investment in the store estate is expected to exceed £200 million during the financial year, taking the total to more than 200 stores having received opening or refurbishment work.
Why is Co-op urging for business rates reform and what is the government’s role?
Shirine Khoury-Haq, the Co-op Group chief executive, made clear in her statement to BBC News that while the company is heavily investing in communities and high streets, sustained growth requires greater certainty, particularly regarding business rates policy. She argued that reforming business rates is “vital” for retailers, especially small businesses that make up 99% of the market, to confidently plan, protect jobs, and support local economies.
Khoury-Haq highlighted the forthcoming autumn Budget as a critical opportunity for the Government to provide this certainty and deliver on promised reforms that enable retailers of all sizes to invest and grow.
How many stores does Co-op operate and what is the scale of their membership?
The Co-op runs more than 2,300 food stores across the UK and has a membership base of approximately 6.9 million owners. This cooperative ownership model is central to its business, making the cyber attack’s data breach especially impactful.
What steps did the hackers take during the cyber attack, and what was their ultimate objective?
As revealed in reports by The Telegraph, the hackers executed a sophisticated social engineering attack by impersonating Co-op staff to trick employees into granting access. Though they managed to steal membership data and disrupt sales, they did not progress to installing ransomware, which would have caused further operational paralysis.
The group highlighted that while a copy of one of its files was created, their systems were not compromised beyond the initial access, limiting the attack’s broader technical impact but still causing significant financial and reputational damage.
