Hundreds of SPAR stores shut down, switch to cash after cyberattack

Approximately 330 SPAR shops in northern England face severe operational problems following a weekend cyberattack, forcing many stores to close or switch to cash-only payments.

SPAR is an international supermarket franchise that operates 13,320 stores in 48 countries, but the recent security incident only affected stores in the northern part of England.

According to Lawrence Hunt & Co Ltd., which operates 25 branches across Lancashire, UK, the “total IT outage” has affected tills, credit card payment processing systems, and still prevents them from accessing emails.

Unfortunately due to a total IT outage affecting all our stores we have had to remain closed all day Sunday with no time set to be back on line - our apologies for the massive inconvenience to all our customers and store teams

— SPAR Lawrence Hunt (@lawrencehunts) December 5, 2021

James Hall and Co, a Preston-based food distributor who serves 600 SPAR stores in Lancashire, is also affected by the attack and stated the following on local media:

“We are currently aware of an online attack on our IT systems. This has affected around 330 SPAR stores across the North of England over the past 24 hours, and we are working to resolve this situation as quickly as possible.”

It is currently impacting stores’ ability to process card payments meaning that a number of SPAR stores are currently closed to shoppers or only taking cash payments.

We apologize for the inconvenience this is causing our customers, and we are working as quickly as possible to resolve the situation.”

SPAR Ribchester informed its customers yesterday that there’s, unfortunately, no estimate for restoring the systems.

Today, the shop remains closed along with many other SPAR points in the region, indicating that whatever trouble the cyberattack caused remains unresolved.

While the security incident carries clear signs of a ransomware attack that has locked down crucial IT systems, the nature of the cyberattack has not been officially disclosed as of yet.

BleepingComputer has reached out to all affected entities, and we will update this post as soon as we have additional information.

UK's national cybersecurity center (NCSC) has released a statement today to inform consumers that the agency is aware of the situation and working on the evaluation of the incident.