Harrods, the world-renowned luxury department store in Knightsbridge, has confirmed it was the target of a sophisticated cyberattack, marking it as the third major UK retailer to be hit by cybercrime within a week.
The news follows similar incidents reported by Marks & Spencer (M&S) and the Co-operative Group (Co-op), raising concerns about a potential coordinated campaign targeting the UK retail sector.
Harrods issued a statement on Friday morning, acknowledging that its systems were compromised in a “targeted cyber incident.” The store assured customers that its operations remain unaffected, with its physical and online stores continuing to function normally.
.png
)
However, the company has not disclosed the full extent of the breach or whether customer data was compromised.
“We are working closely with leading cybersecurity experts and law enforcement to investigate the incident and ensure the integrity of our systems,” a Harrods spokesperson said. “The security of our customers and partners remains our top priority, and we are taking all necessary steps to address this matter.”
Harrods Store Hit by Cyber Attack
The attack on Harrods follows cyberattacks targeting M&S and Co-op. On Monday, M&S reported that its website and mobile app experienced disruptions due to a “third-party cyber incident,” which temporarily affected online shopping services.
Similarly, Co-op disclosed on Wednesday that its payment systems at select stores were targeted, leading to transaction delays. Both retailers have since restored normal operations but have remained tight-lipped about the specifics of the attacks.
Cybersecurity experts speculate that the incidents may be linked, potentially orchestrated by a single group exploiting vulnerabilities in retail systems during the busy pre-summer shopping period.
“Retailers are prime targets due to the volume of customer data they hold and the reliance on digital infrastructure,” said Dr. Emily Carter, a cybersecurity analyst at the University of Oxford. “These attacks could involve ransomware, data theft, or even attempts to disrupt operations for financial or political motives.”
The UK’s National Cyber Security Centre (NCSC) has alerted retailers, urging them to strengthen their defenses. “We are working with affected organizations to mitigate risks and encourage all businesses to review their cybersecurity measures,” an NCSC spokesperson said. The agency has also advised consumers to monitor their bank statements and update passwords as a precaution.
The string of attacks has sparked alarm among shoppers, with many expressing concerns about the safety of their personal and financial information. “I shop at Harrods and M&S regularly,” said London resident Sarah Thompson. “It’s worrying to think that my details could be at risk. Retailers need to do more to protect us.”
The incidents have also drawn scrutiny to the broader state of cybersecurity in the UK retail sector, which has faced increasing threats in recent years. In 2023, the Information Commissioner’s Office reported a 40% rise in data breaches across retail, with cybercriminals exploiting outdated software and weak authentication protocols.
As investigations continue, Harrods, M&S, and Co-op have pledged to provide updates on the breaches. Meanwhile, authorities are urging other retailers to remain vigilant, warning that the current wave of attacks may not be over.
Are you from the SOC and DFIR Teams? – Analyse Real time Malware Incidents with ANY.RUN -> Start Now for Free.
