back to article Spar shops across northern England shut after cyber attack hits payment processing abilities

The British arm of Dutch supermarket chain Spar has shut hundreds of shops after suffering an "online attack," the company has confirmed to The Register. "This has not affected all SPAR stores across the North of England," a Spar spokesman told us, "but a number have been impacted over the past 24 hours and we are working to …

  1. 2+2=5 Silver badge
    Unhappy

    So near, so Spar

    "So near, so Spar" used to be their advertising strapline in the UK. Sounds like it applies to their IT security as well.

    1. mark4155

      Re: So near, so Spar

      I always thought it was "So near, so dear" anyways it's near so f**ed now.

    2. Korev Silver badge
      Coffee/keyboard

      Re: So near, so Spar

      I almost Spart my coffee out —>

  2. fg_swe

    Cash Is King

    One more reason to use cash - the brittle state of computing in the year 2021.

    Imagine what the attackers can do when they have all the cash card processing data !

    1. Anonymous Coward
      Anonymous Coward

      Anger diversion...

      Today I was telling my wife of my great idea for holiday get-togethers. Instead of politics or religion or other boring subjects, charge up the party conversation with the question "How many of your credit cards have had to be replaced over the last 5 years?" I think we're personally heading for 2 per year.

      1. Lee D

        Re: Anger diversion...

        Zero in 20 years.

        What the hell are you guys doing to have to replace your credit cards?

        Are we talking theft? Destruction? Compromise?

        Because I've been mostly cashless since about 2000 and entirely since 2009 or so and never had to do anything with my credit cards.

        1. Anonymous Coward
          Anonymous Coward

          Re: Anger diversion...

          I've had 2 out of 3 change in the last 5 years or so, but by the issuers.

          Both went from Visa to Mastercard... the remaining one is Barclays debit and they are probably wedded to Visa for life

      2. Anonymous Coward
        Anonymous Coward

        Re: Anger diversion...

        >Today I was telling my wife of my great idea.... Instead of politics or religion or other boring subjects, charge up the party conversation with the question "How many of your credit cards have had to be replaced over the last 5 years?"

        Wow- that's one lucky lady. Who needs Ryan Gosling.

        1. John Doe 12
          Mushroom

          Re: Anger diversion...

          Anonymous Coward burns another Anonymous Coward :-D

      3. This post has been deleted by its author

    2. ecofeco Silver badge

      Re: Cash Is King

      the brittle state of computing in the year 2021.

      This! This is the turn of phrase I've been looking for. It's also a house of cards.

      1. Andy The Hat Silver badge

        Re: Cash Is King

        Cash is king? I tend to agree from the point of security. The sudden plethora of 'card machines' that don't look like card machines ...

        "Just bonk your card please ... sorry, can you insert your card as we have successfully taken a photo of your signature and a cvv and just need to skim the other information ..."

    3. Lee D

      Re: Cash Is King

      Something like 45% of people using cash during the pandemic in the UK were refused at some point.

      Sorry, but your paper money is not the solution.

      The solution is a robust electronic system with - shock, horror - a failover system that can process payments, your ONLY source of income. Your most business-critical system. Your bread-and-butter.

      But no, rather than issue stores with a bunch of iZettles for use in such circumstances, even if it costs you an extra % on the processing fee, Spar would rather be entirely offline whenever their system is down and unable to serve a single customer.

      Electronic money is all there will be in the future. Money laundering laws have seen to that. Put cash under your mattress and then try to pay it into your bank in bulk? They legally need to know where that came from, which means you have to prove it.

      Given that 90% of your bills will be direct-debit or card-based anyway (unless your really do walk up to British Gas counters and try to pay in cash still), I'm afraid you're already entirely reliant on electronic banking, and it will only ever "get worse".

      I live a cashless life, and I've given my daughter (who lives in Spain) a child's credit card. Everyone laughed. Pandemic hit. They can send her money from another country, we can track her spending from across the continent, and her Christmas gifts are basically impossible to send her without - as happened on her birthday - almost €300 of collective customs charges, or an awful lot of disputes and hassle. This Christmas, she's getting electronic money on her card from all... including the stalwart grandparents who keep hoarding their cash thinking that helps them.

      My daughter is not going to understand people using cash in her future. You're literally in a technological dead-end, like lamp-lighters, horse-drawn-carriages and faxes. You can admit it, or you can pretend it hasn't already happened. Because unless I'm very much mistaken here, I bet that the majority of your gas, electricity, telephone, Internet, rent/mortgage, council tax, entertainment, car tax, car insurance, etc. are done electronically. I bet you even use card when paying for your petrol, because I see vanishingly few people ever using cash.

      1. Intractable Potsherd Silver badge

        Re: Cash Is King

        That is indeed the current situation, but the question is whether it ought to be. There are very good reasons for having cash retained as at least a back up - it maximises resilience, as demonstrated in this case. Cards/electronic payments are a significant point of failure in a number of different ways. Cash doesn't fail in anything like as many ways.

      2. Tams

        Re: Cash Is King

        I think you missed a sentence somewhere in your diatribe there.

        And that wasnct really their point now, was it? Cash will always be useful as long as electronic systems can fail. And I don't see a future where they couldn't all fail. Well, at least not this century.

      3. tiggity Silver badge

        Re: Cash Is King

        Payment systems go down - be it retailers, the banks / card processors.

        Cash allows purchases when electronic methods are broken (and in some cases outages can be a while, e.g. Spar - & if you think Spar problems are trivial consider lots of UK people do not have their own transport and live away from major shopping areas, so for many a Spar (or similar expensive smallish shop) provides a lot of their day to day household shopping needs (& as a side effect contributes to cycle of poverty - inability to travel to cheaper shops with better range of goods (no car, bus or taxi exceeds budget) means more expensive food & poorer choice) .

        There have been plenty of occasions when cash has been my only payment option due to card payment outages, and lots of small independent shops (though sadly COVID sent a lot to the wall) add surcharge to card payments below a certain amount to cover their processing fees.

        Another benefit of cash is not being tracked, partner & I have joint account, using cash means no trace of card use when I visit a shop to buy a present for them(if there was bank debit record from a jewellers for example then surprise gift would be a non surprise )

        Some people cannot have a UK bank account, even a basic one, so e.g. stuck with PO account to receive benefits which has a card but only allows its use to withdraw cash from the PO. So for some no option but to only use cash - the choice of non cash payments is not open to all.

        1. werdsmith Silver badge

          Re: Cash Is King

          There used to be a backup system.

          Using embossed card copiers, in fact the process that was used to take card payments before electronics got involved.

          A cashier would rummage below the counter and pull out a big old chunky device.

          Your card would be laid on the device and then more rummaging and a carbon paper triplicate thing would be found, that resembled a long forgotten airline ticket formant.

          The triplicate carbon thing would laid atop the card and then a sliding roller thing would be pulled across the whole thing and back. This would create a copy of the card on the triplicate form.

          Which you would then sign. Cashier would visually compare the signature with the one on the back of the card.

          Then you would be handed a semi-transparent leaf from the carbon triplicate thing and your purchase is complete.

          1. John Miles

            Re: Cash Is King

            The replacement Visa Credit Card, for an expiring one, I received last month just has the numbers printed on the back - the front only has the chip and bank logo. Back still looks like it has magnetic strip

    4. tip pc Silver badge

      Re: Cash Is King

      if their network is down then likely no tills working as they either won't work offline, can't check barcodes or will be using out of date prices.

      so they may not even be able to accept cash,

      if the store accept cash and dispense goods, perhaps perishables, then the subsequent audit for insurance purposes will show inconsistencies and perhaps trigger fraud cases.

      in a dystopian scenario then cash would truly be king as there would be no repercussions.

    5. Povl H. Pedersen

      Re: Cash Is King

      The problem is not credit cards. It is arcane payment terminals from the middle ages that are used in the UK.

      In modern countries, the payment terminals can work in offline mode for at least a few thousand transactions. Of course there is a risk that payment will then be declined, but that is a risk that the store likely want to take if the alternative is losing business altogether.

  3. Anonymous Coward
    Anonymous Coward

    Let me guess, Windows again?

    OK, I'm kicking an open door here, but I just want to test how quickly Redmond gets its social media management to respond.

    The Nile is not just a river in Egypt..

  4. Anonymous Coward
    Anonymous Coward

    It is not yet known whether the incidents are part of a ransomware attack

    It's always a ransomware attack and always a "we take security seriously" Windows network. Another negligent company running what's easiest rather than what's appropriate.

    1. Anonymous Coward
      Anonymous Coward

      Re: It is not yet known whether the incidents are part of a ransomware attack

      It does make you wonder if everyone is taking security seriously then why do these things keep happening? It's one of life's mysteries like where does my cat go at night?

  5. Blackjack Silver badge

    Not a fight, not a spar, they closed with a whimper.

  6. KarMann Silver badge
    Trollface

    Other victims?

    Given what I've seen on Sainsbury's online shopping site over the past couple of years, I'm pretty sure the cybercrims have been running their web interface all that time. They really should either catch them, or pay them off, or something, rather than just let them keep making such a hash of their website.

    1. juliansh

      Re: Other victims?

      Have you tried the Boots online store recently? Another shoddy WebSphere Commerce Server application that hasn't been updated in years

  7. bitmap animal

    Not just credit card systems

    The focus of discussion is about their credit card systems doing down, implying it's just the payment system. There was mention of the tills being down, so that's possibly why some sites have had to close if they can't process stock. The ones accepting cash may just be putting the money in a bucket and not worrying about stock control etc.

    It seems that their website is also down along with their distribution and manufacturing systems. That's likely quite a diverse set, so presumably either someone has 'pushed the right button' of some core system or they have purposely shut everything down to limit the spread from one initial problem.

  8. Anonymous Coward
    Anonymous Coward

    Windows xp

    I do know a lot of the spar systems used windows xp at least a few weeks ago

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022