Spar Group Switzerland, headquartered in St. Gallen, fell victim to a cyberattack on the night of March 13-14, 2025, which severely impacted its operations. The attack affected the company’s IT systems, rendering payment systems and electronic devices inoperable in many of its stores. As a result, customers could only pay by cash or Twint, while traditional EC card payments were temporarily unavailable. Spar’s management informed employees and partners about the extensive system disruptions and warned that certain products might be temporarily out of stock due to the paralysis of the ordering system.
In addition to payment disruptions, the cyberattack hindered Spar’s ability to process and receive orders.
The delivery of key products, like the 65 Leader items, was guaranteed for Saturday, but the system’s failure would prevent the processing of orders for the coming Monday. Spar’s management instructed its stores to source products from regional suppliers, advising them to place bread orders with Regio Beck. The company swiftly brought in cyber experts to investigate the scope of the breach and work toward restoring full functionality as quickly as possible.
By Saturday afternoon, Spar had reported that many stores were once again able to process EC card payments, marking progress in recovering from the attack. Despite this, some branches still had to rely on cash and Twint transactions.
The cyberattack did not affect Spar’s petrol station stores, which continued to operate as usual.
Spar emphasized that while the situation was still being addressed, the company was working diligently to restore its systems and provide customers with access to a full range of products.
The Spar Group encompasses 143 Spar neighborhood stores, 97 Spar Express convenience stores, and 10 Spar mini-markets, as well as 11 TopCC Cash & Carry supermarkets. While the company has faced significant disruptions to its operations, it remains committed to resolving the situation and returning to normal business practices. Spar has filed charges with local authorities and notified the Federal Data Protection and Information Commissioner. The company assured customers and partners that efforts are ongoing to fully restore its services and ensure a secure shopping experience.
Reference: