Hackers Contact Harrods After Cyberattack Exposes Half a Million Customers
LONDON, Sept. 28, 2025 — Luxury department store Harrods has confirmed that nearly half a million customers were affected by a recent cyberattack, with the retailer now receiving direct communications from the hackers behind the breach.
The Knightsbridge-based store said it had “received communications from the threat actor and will not be engaging with them,” but did not disclose further details about the hackers’ demands or messages.
What Data Was Exposed?
Harrods stressed that no payment details or account passwords were compromised. Instead, the stolen data was limited to personal identifiers, including names, email addresses, phone numbers and postal addresses.
The retailer is contacting all affected customers directly and has reported the breach to relevant authorities.
Importantly, Harrods said the attack targeted a third-party provider’s system, not its own internal infrastructure, and was unrelated to earlier attempts this year to gain unauthorised access to Harrods’ network.
A String of Attacks
This is not the first time Harrods has been targeted. In May, the store restricted internet access across its premises after detecting threats, temporarily disrupting some services. Then in July, four people — including three young adults and a 17-year-old — were arrested in connection with cyberattacks on Harrods as well as Marks & Spencer and the Co-op.
Official Response
“Our focus remains on informing and supporting our customers,” a Harrods spokesperson said in a statement. “We have informed all relevant authorities and will continue to co-operate with them.”
The National Cyber Security Centre (NCSC) warned that the breach highlights the growing risks facing UK retailers. Chief executive Richard Horne said cyberattacks may sound abstract or technical but in reality have “real world impact on real people.”
Broader Threats
The incident adds to a mounting wave of cyberthreats against major British retailers, raising concerns over the vulnerability of customer data held by third-party providers. With shopping increasingly dependent on digital infrastructure, experts say cybersecurity will remain a pressing challenge for luxury brands as well as high street chains.
Photo Credit: DepositPhotos.com