Pierluigi Paganini May 02, 2025

Harrods confirmed a cyberattack, following similar incidents suffered by M&S and Co-op, making it the third major UK retailer targeted in one week.

Luxury department store Harrods confirmed a cyberattack, threat actors attempted to gain unauthorised access to some of its systems.

“We recently experienced attempts to gain unauthorised access to some of our systems.” reads a statement published by the company. “Our seasoned IT security team immediately took proactive steps to keep systems safe and as a result we have restricted internet access at our sites today.

“Currently all sites including our Knightsbridge store, H beauty stores and airport stores remain open to welcome customers. Customers can also continue to shop via harrods.com.”

In response to the attack, the company had “restricted internet access at its sites,” however Harrods’ site remained online.

Harrods has not provided technical details about the attacks, and it is unclear if it has suffered a data breach.

The incident marked the third UK retailer hit in a week after Marks and Spencer (M&S) and the Co-op.

BleepingComputer revealed the M&S attack involved threat actors using Scattered Spider tactics and deploying DragonForce ransomware.

The Co-op, amid an ongoing cyberattack, instructed its 70,000 staff to keep cameras on during remote meetings, verify attendees, and avoid recording calls, while IT teams work to secure systems after parts were shut down due to hacker intrusion attempts.

The NCSC called the recent retail cyberattacks a “wake-up call” and is working with affected firms.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Harrods)