"We have been notified by one of our third-party providers that some Harrods e-commerce customers' personal data has been taken from one of their systems. We have informed affected customers that the impacted personal data is limited to basic personal identifiers including name and contact details but does not include account passwords or payment details,"
"The third-party has confirmed this is an isolated incident which has been contained, and we are working closely with them to ensure that all appropriate actions are being taken."
"Our focus remains on informing and supporting our customers. We have informed all relevant authorities and will continue to co-operate with them,"
"This type of dataset is a goldmine for cybercriminals, enabling convincing phishing campaigns, credential harvest"
Prestigious London department store Harrods experienced a cyber incident after more than 400,000 customer records were stolen from an undisclosed third-party supplier. The breach affected a small portion of shoppers, with most clientele preferring in-store purchases rather than online. The incident is unrelated to an earlier attempted Scattered Spider attack and shows no evidence of connection to the Salesloft Drift - Salesforce authentication token theft. Impacted data is limited to basic personal identifiers and some marketing or loyalty labels; account passwords and payment details were not included. Harrods notified affected customers, informed authorities, and declined to engage with the attacker while working with the supplier to contain the incident.
Read at ComputerWeekly.com
Unable to calculate read time
Collection
[
|
...
]