TeamHood 
Swedish supermarket chain Coop has shut down approximately 500 stores after they were affected by an REvil ransomware attack targeting managed service providers through a supply-chain attack.
Last night, the supermarket chain closed its stores after the REvil ransomware gang targeted managed service providers (MSPs) and their customers in a massive supply-chain attack through Kaseya VSA, a remote patch management and monitoring suite.
Soon after the attack, Coop posted a notice stating all of their stores except for five had been shut down after cash registers no longer functioned due to an “IT attack” on one of their suppliers.
Right now, many of our stores are temporarily closed. The following stores are NOT affected and are open: The online store on coop.se, stores in Värmland, Oskarshamn, Tabergsdalen, Norrbotten and on Gotland.
One of our suppliers has been hit by an IT attack and therefore the cash registers do not work. We regret this and do everything to be able to open again soon. – Coop.
Coop first learned of the attack at approximately 7 PM last night when there were problems with the cash registers. causing stores to close. The stores continue to be closed through Saturday as Coop works on restoring operations.
“We got signals from some of our stores last night at about 7 pm that there were problems with the cash registers. Since the customers could not pay, some stores closed early last night. During the night we have worked on the problem, and this morning at 8 am we took the decision to close the stores, with the exception of a few regions that weren’t affected, to be able to solve the problem without interference.
“So, not all of our 800 stores were affected, but a majority of them. They have been closed the whole day today Saturday.”
