Updated The UK's largest retailer, supermarket titan Tesco, has restored its online operations after an attack left its customers unable to order, amend, or cancel deliveries for two days.
A Tesco statement acknowledges disruption to the giant's grocery website and app, claiming "an attempt was made to interfere with our systems, which has caused problems with the search function on the site."
The gigantic grocer has also claimed there's no reason to believe customer data is or was at risk.
In the late hours of Sunday night, the grocer tweeted that all had been restored:
Our groceries website and app are back up and running.— Tesco (@Tesco) October 24, 2021
To help us manage the high volume we’re temporarily using a virtual waiting room.
We’re really sorry for any inconvenience and thank you for your patience. pic.twitter.com/OxgJeCdiZy
Customers rushed that waiting room in the hope of making the cutoff time for amendments to their orders, but many were hacked off (pun intended) as they desperately tried to get their order in by midnight. Many ended up relying on competitors like Asda or Sainsbury’s.
- Oh the humanity: McDonald's out of milkshakes across Great Britain
- Shuttered call centre sours Capita's £58m contract extension with Tesco Mobile
- Very little helps: Tesco serves up 3-for-1 borkage special to self-scanning Tesco shoppers
Over the past 12 months, Tesco [PDF] more than doubled its regular app user base to 6.6 million and filled 1.27 million orders per week. Online orders make up 14.6 per cent of Tesco's UK sales.
This isn't the first time Tesco has fallen victim to an attack on its systems. Back in 2014, thousands of customers had their emails and passwords posted online. Worse yet, their vouchers went missing from their accounts following a data breach.
Two years later, Tesco's banking arm lost £2.5 million belonging to 9,000 users.
This weekend's incident has gone down predictably badly:
If crucial IT Systems were down at my employer for 2 days without updating users like at @Tesco this weekend, then all the IT staff would be facing the sack. Has nobody there heard of backups and rehearsed disaster recovery? #tescodown #shambolic— BaldTony (@BaldTony66) October 24, 2021
The waiting room mitigation is to protect the firm's origin server from the large uptick in requests.
Earlier this month, The UK appointed former Tesco CEO Sir David Lewis to act as the government's supply chain adviser. In the wake of this incident, The Register is relieved to know a Tesco exec hasn't been appointed as security adviser.
If you know more about the "attempt to interfere" with Tesco's tech, you can drop the author a line here. ®
Updated to add at 0935 UTC on 25 October
A Tesco spokesperson said: "Our online grocery website and app are now back up and running. Our teams have worked around the clock to restore service, and we’re really sorry to our customers for the inconvenience caused."