Particle.news
Download on the App Store
11 ARTICLES
·
last wk.

Harrods Refuses to Engage Hackers After Third-Party Breach Exposes Customer Contact Data

The retailer attributes the theft to a supplier system, with regulators and police now investigating.

Image
Harrods also had to restrict internet access across its sites in May as a result of a cyberattack
Image
Image

Overview

  • Harrods says a vendor’s system was compromised, exposing some e‑commerce customers’ names and contact details but not passwords, payment data or order histories.
  • The company told customers that some affected records may include internal marketing or service labels such as tier level or co‑branded card affiliation, which it says are unlikely to be interpreted accurately.
  • Harrods states the incident is isolated and contained, its own systems were not breached, and it has notified the relevant authorities.
  • A threat actor has contacted the company, which says it will not engage with them.
  • Harrods declined to name the supplier due to an active criminal investigation; July arrests linked to attacks on M&S, the Co‑op and Harrods remain under inquiry, and a reported figure of about 430,000 records has not been confirmed by the company.