Cyber Incident Victim: SPAR

On or around December 4-5, 2021, a cyberattack disrupted operations at approximately 330 SPAR convenience stores across northern England. The incident caused a widespread IT outage affecting critical systems, including point-of-sale terminals and credit card processing capabilities. Lawrence Hunt & Co Ltd., operating 25 SPAR branches in Lancashire, reported a "total IT outage" that began impacting stores on Sunday, December 5, forcing immediate closures and preventing email access. James Hall and Co, the Preston-based distributor serving 600 SPAR locations in the region, confirmed the cyberattack's impact on their systems, which cascaded to retail operations. Stores experienced immediate payment processing failures, with many unable to accept card transactions.

By December 6, numerous SPAR locations remained closed or operated under cash-only restrictions due to unresolved technical issues. SPAR Ribchester and other affected stores provided no estimated restoration timeline for their systems. The UK's National Cyber Security Centre (NCSC) acknowledged the incident and initiated evaluations, though no official attribution or specific attack methodology was disclosed at the time. Operational disruptions included prolonged store closures, loss of electronic payment capabilities, and communication system inaccessibility. Retail operators publicly apologized for customer inconveniences while working to restore services, with no confirmed resolution timeframe available as of the reporting date. The incident's scope remained confined to SPAR's northern England operations, without impacting the organization's international network of 13,320 stores across 48 countries.