Cyber Incident Victim: Coop Värmland ekonomisk förening

Coop Värmland experienced two payment system disruptions within one week in December 2023, with the most recent incident occurring on or before December 22. The retailer's card payment infrastructure became inoperable across its network, preventing customers from completing transactions. Klas Olsson, a company representative, publicly attributed the outage to a deliberate cyberattack rather than technical malfunction. Attackers deployed malware designed to disable critical payment processing systems, though the specific attack vector remained unspecified in public statements. The threat actors pursued financial extortion by demanding payment to restore system functionality, a common ransomware tactic. Coop Värmland explicitly refused to comply with monetary demands despite operational paralysis affecting all 62 stores within Värmland County.

The retailer initiated incident response procedures to isolate compromised systems and restore payment capabilities, achieving full resolution by December 22. No evidence indicated unauthorized access or exfiltration of customer personal data during the attack. Operational impacts were confined to payment processing disruptions, with no reported physical safety incidents or inventory losses. The organization maintained public transparency through direct communication with SVT Nyheter Värmland but did not disclose technical remediation steps or third-party cybersecurity involvement. This marked the second confirmed cyber incident targeting Coop Värmland's infrastructure within a seven-day period, demonstrating persistent threats against regional retail operations. Business continuity plans enabled the stores to maintain partial operations through alternative transaction methods during the outage period.