On the 2nd of July 2021, approximately 500 Coop Supermarket in Sweden had to shut down due to their point-of-sale tills and self-service checkouts had stopped working. This is a result of the Kaseya supply chain attack by the REvil ransomware group as Coop’s cash registers are run by Visma Esscom, which manages servers for several Swedish businesses and in turn were hit by REvil attack as they use Kaseya.
Coop also mentioned that the stores and the affected cash registers will be back in business as soon as possible. Coop was an indirect victim of the Kaseya supply chain attack as they were not attacked by REvil.
The UK’s National Cyber Security Center said: “We are aware of a cyber incident involving Kaseya, and we are working to fully understand its impact.
At the time of when they discovered the problems, they were not concerned but overnight they realized that the problems they were experience were major and therefore decided to keep most of their stores closed so they could attempt to fix the problems. Some stores did open and allowed customers to shop and pay through the app named “scan and pay”.
A Coop spokesperson stated because the whole paying system went down, they would need to fix the issues, which would involve Visma Esscom to come to all the affected stores physically and fix the cash registers by restoring them from backups.