Harrods is the latest retailer to be targeted by hackers. The luxury department store has warned customers that some of their data may have been stolen in an IT systems breach.
It is understood that the hackers have contacted Harrods, however, Harrods has said that it will not engage with the “threat actor”. It says that the 430,000 customer records stolen from a third party in the IT breach contain only “limited data” and do not include passwords or payment information.
This is the second cyberattack on Harrods in a year. In May, the company had to restrict internet access across its sites as a precaution after hackers attempted to gain access to its systems. Mariano Gomide, CEO of global digital commerce platform VTEX, said that Harrods had strengthened its internal cybersecurity processes since the last attack. “Harrods’ latest breach was met with clearer incident steps as customers and authorities were informed, attackers were dismissed, and follow-up actions were defined,” he said. “This stands in contrast to the more limited precautionary measures taken during its May 2025 incident.”
However, Spencer Starkey, executive vice president at cybersecurity firm SonicWall EMEA, says that the latest Harrods attack illustrates the fact that third-party providers remain the weakest link in retail cybersecurity. “The uncomfortable reality is that many public and private bodies still lack the resources, training, and infrastructure required to withstand prolonged operational disruption,” he said. “Simply outlawing payments without accelerating investment in resilience – offline backups, real-time detection and third-party audits, risks pushing breaches underground, rather than preventing them.”
Government intervention
Harrods is one in a string of UK retailers to have been targeted by hackers this year. The latest cyberattack comes as the UK government has announced a £1.5 billion emergency loan to Jaguar Land Rover (JLR) to help it recover from the cyberattack earlier this month that halted global production. Business Secretary Peter Kyle said that this measure should help protect jobs in JLR’s supply chain. “This cyber-attack was not only an assault on an iconic British brand, but on our world-leading automotive sector and the men and women whose livelihoods depend on it,” he said. “Following our decisive action, this loan guarantee will help support the supply chain and protect skilled jobs in the West Midlands, Merseyside and throughout the UK.”
However, Liam Byrne, chair of the House of Commons business and trade select committee, has warned that the bailout could lead to a “moral hazard” as retailers choose to rely on state help instead of prioritising their own security. “Going forward, there is a real risk of moral hazard,” he said. “As a country we’re going to have to remake the way the state and market work together to try and safeguard British industry against these kinds of risks.”
The “moral hazard” point raised by Byrne was underscored by reports earlier this month that JLR had “failed to finalise” a cybersecurity insurance deal prior to the attack. As the company, owned by India’s Tata Motors, is still profitable, some questions have also been raised about why it needs a taxpayer bailout at all.
Inaction too much of a risk
Spencer Starkey suggests that failure to prepare for cyberattacks is too high a risk for any retailer. “This has to be a two-pronged approach: stronger deterrents for threat actors, and measurable support for public sector organisations to strengthen their defences and recovery playbooks,” he said. “Cybercriminals thrive on systemic weakness, and right now, too many essential services remain unprepared for a worst-case scenario. We cannot legislate our way out of this – we must build resilience from the inside out.”
As cyberattacks on UK retailers grow in scale and sophistication, the Harrods breach serves as a stark reminder that no brand – no matter how iconic – is immune. With government bailouts raising questions about accountability and preparedness, the spotlight is now firmly on the need for robust, proactive cybersecurity strategies across the sector. As the holiday season approaches, retailers must act swiftly to shore up their defences, not only to protect customer data but to safeguard trust in an increasingly vulnerable digital marketplace.
Stay informed
Our editor carefully curates two newsletters a week filled with up-to-date news, analysis and research. Click here to subscribe to the FREE newsletter sent straight to your inbox. Why not follow us on LinkedIn to receive the latest updates on our research and analysis?
