Harrods Warns Customers of Data Theft in Latest IT Breach

Customers of Harrods Ltd., the luxury London department store, had their personal data stolen, the latest in a string of cyberattacks and IT breaches affecting major UK businesses this year.

Data including names and contact details for some Harrods customers were taken from the systems of a “third-party provider,” a spokesperson for the store said in an emailed statement. The retailer declined to identify the provider, citing an “ongoing criminal investigation.”

UK companies have come under a wave of cyberattacks this year, including against retailer Marks & Spencer Group Plc and automotive firm Jaguar Land Rover. Harrods, owned by the Qatari sovereign wealth fund and known for its flagship store in London’s Knightsbridge district, was itself hit with an attempted hack in May.

“No Harrods system has been compromised,” the spokesperson said. “It is important to note that the data was taken from a third-party provider and is unconnected to attempts to gain unauthorised access to some Harrods systems earlier this year.”

The breached information didn’t include account passwords or payment details while impacted customers have been contacted, the spokesperson said.

Photograph: Shoppers pass Harrods department store in London, UK, on Thursday, Sept. 4, 2025. Photo credit: Jose Sarmento Matos/Bloomberg

Related:

• UK Grocer Co-op Says Hackers Obtained Customer Data
• Britain’s M&S Enters 2nd Week of Sales Disruption After Cyberattack
• Harrods Is Latest UK Retailer to Be Hit by Cyberattack
• British Food and Clothing Group M&S Discloses Cyber Incident
• NHS Cyberattack in UK Inflicted Long-Term Harm on Patient Health
• UK Lays Out Stronger Cybersecurity Defenses After Attack Crippled NHS Hospitals

Topics Fraud