Regenerating codes enable trading off repair bandwidth for storage in distributed storage systems (DSS). Due to their distributed nature, these systems are intrinsically susceptible to attacks, and they may be susceptible to multiple node failures. This paper analyzes storage systems that employ cooperative regenerating codes that are robust to passive eavesdroppers, and proposes codes achieving the secrecy capacity for the minimum bandwidth cooperative regenerating point. The achievability results correspond to exact repair, and secure file size upper bounds are obtained using mincut analyses over a suitable secrecy graph representation of DSS. The main achievability argument is based on appropriate precoding of the data using MRD (Gabidulin) codes to eliminate any information leakage to the eavesdropper.