Harrods confirms cybersecurity breach amid growing wave of retail attacks

Harrods, the iconic London-based luxury department store, has confirmed it is responding to a cyberattack that targeted its internal systems this week. The incident places Harrods among a growing list of major UK retailers facing cybersecurity threats in recent days, including Marks & Spencer and the Co-operative Group.

According to information obtained by Sky News, Harrods became aware of attempts to gain unauthorized access to parts of its systems and immediately enacted precautionary measures to protect its infrastructure. In a statement, the company confirmed that it had restricted internet access at its retail locations as a direct response to the security breach.

“We recently experienced attempts to gain unauthorised access to some of our systems,” a Harrods spokesperson said. “Our seasoned IT security team immediately took proactive steps to keep systems safe, and as a result, we have restricted internet access at our sites today.”

Despite the breach, Harrods stated that all of its physical locations, including its flagship Knightsbridge store, H beauty outlets, and airport branches, remain open to customers. The company also emphasized that its online platform, harrods.com, is still operational. Customers have not been asked to take any special actions at this time, and Harrods assured that updates would be provided as the situation develops.

While the full extent of the cyberattack remains unclear, one Harrods customer reported being unable to complete a purchase earlier in the day, suggesting potential disruptions to point-of-sale systems. Harrods is said to be working with cybersecurity specialists to investigate and contain the incident. The company is owned by Qatar’s sovereign wealth fund.

This latest breach follows similar attacks on other major UK retailers. Marks & Spencer continues to face significant operational challenges stemming from a cyberattack disclosed last week, which has rendered its online ordering system inoperative and caused stock shortages in physical stores. The attack on M&S is believed to involve ransomware—a type of malicious software that encrypts data and demands a ransom for its release. Although M&S has not officially commented, cybersecurity sources have linked the incident to a group calling itself "DragonForce."