"430,000 customers of London luxury department store Harrods have had their data compromised in a data breach. The perpetrators attempted to make contact, but the store refused to negotiate with the hacker group. Harrods has made it clear that it will not negotiate with the cyber attacker responsible for the hack. This firm stance became apparent after the hackers contacted Harrods, although the company has not disclosed exactly what was communicated."
"The company emphasizes that the stolen data comes from an external supplier and is limited to basic information. This includes names, contact details, and marketing preferences of customers who had previously provided this information. Information about Harrods loyalty cards and co-branded cards was also stolen. "Our focus remains on informing and supporting our customers," said a spokesperson. The company has notified all relevant authorities and is cooperating with the investigation. Sensitive information such as passwords and payment details remained out of reach of the attackers."
Harrods confirmed a data breach affecting 430,000 customers, with perpetrators attempting contact and the company refusing to negotiate. Stolen data originated from an external supplier and was limited to basic information, including names, contact details, marketing preferences and Harrods loyalty and co-branded card information. Passwords and payment details were not accessed. Most customers shop in-store, so the proportion affected is small. Harrods has notified authorities and is cooperating with the investigation while maintaining normal sales operations. The incident fits a broader 2025 trend of digital supply-chain exploits, similar to the Salesloft OAuth compromise and other local breaches.
Read at Techzine Global
Unable to calculate read time
Collection
[
|
...
]