Swedish supermarket chain Coop has confirmed that its stores in the county of Värmland have been exposed to a cyberattack.
The ransomware group Cactus claimed responsibility for the attack, according to a statement provided to Recorded Future News.
The cyberattack started on 22 December 2023 and left all Coop Värmland outlets unable to process card payments.
The stores remained open and the retailer reassured customers through a temporary page on its website.
The page also provides alternative contact methods for specific orders or questions regarding its rewards programme.
Meanwhile, Coop urged customers to reach out to their nearest store via Facebook for inquiries.
A Coop spokesperson was quoted by Recorded Future News as saying: "We can confirm that Coop Värmland has experienced a cyberattack. Upon detection, external expertise was engaged, and they promptly initiated intensive efforts, primarily focused on closing the vulnerabilities where intrusions occurred.
"The current assessment indicates that these vulnerabilities have been successfully addressed. The work has been ongoing since the occurrence and has persisted throughout the Christmas holiday."
The Värmland branch runs 44 supermarkets, 15 Pekås and two MaxiMat stores.
The cyberattack is not the first for Coop, which was impacted by a ransomware attack on Kaseya in 2021, resulting in the closure of 800 Coop stores nationwide.
The Cactus ransomware gang has not disclosed the extent of the data compromised or the ransom amount demanded.