Luxury department store Harrods has confirmed that cybercriminals have claimed to steal data from up to 430,000 customer records following a third-party IT breach. The store was contacted by the “threat actor” but has firmly stated it will not engage with the hackers, suggesting a possible ransom demand was made.
The breach, described in an email to customers on Friday, September 26, 2025, compromised basic personal information but did not include any payment details or account passwords.
Connection to Previous Cyberattack
This latest incident comes just months after the retailer was already on high alert from a coordinated wave of cyberattacks on the UK retail sector observed this year. As Hackread.com reported, Harrods was among the many high-profile UK retailers targeted, others including M&S and Co-op (with the notorious hacking group Scattered Spider suspected to be behind the campaign).
On May 1st, 2025, the luxury retailer confirmed it faced attempts to gain unauthorised access to its internal systems. This prompted a successful, proactive response as Harrods restricted internet access across its sites to contain the threat and stated no customer data was compromised at that time.
The September 2025 Data Breach
Despite their earlier successful defence, a new breach has now compromised customer data. The information was stolen from a system belonging to one of Harrods’ third-party providers, which the company chose not to name, indicating that hackers shifted their focus to a weaker link in the supply chain. The company has reiterated that this latest incident is officially unconnected to the attempts to gain unauthorised access to their internal systems in May.
“The third party has confirmed this is an isolated incident which has been contained, and we are working closely with them to ensure that all appropriate actions are being taken. We have notified all relevant authorities,” Harrods’ spokesperson stated.
What Was Taken?
The stolen data is limited to basic identifiers such as names and contact details, which are provided by customers. Further probing revealed that some information related to loyalty cards, marketing preferences, and tie-ins to other companies (like co-branded cards) was also taken. Harrods stressed that its own systems were not compromised.
How to Stay Safe
The most straightforward way to protect yourself is to monitor your accounts. Customers who have received notification that they are affected should monitor bank statements and transactions. Also, be wary of any unexpected texts, calls, or emails, which could be attempts by scammers to trick you into giving away more personal information.
The store has informed all relevant authorities and continues to cooperate with them, along with supporting its customers.
