Luxury department store Harrods has become the latest high-profile British retailer to face a cyber attack, joining Marks & Spencer and the Co-op in what security experts are calling a concerning wave of digital threats against the UK retail sector.
In a statement, Harrods confirmed: “We recently experienced attempts to gain unauthorised access to some of our systems. Our seasoned IT security team immediately took proactive steps to keep systems safe and as a result we have restricted internet access at our sites today.”
Despite the attack, Harrods insisted its operations remain largely unaffected.
“Currently all sites including our Knightsbridge store, H beauty stores and airport stores remain open to welcome customers. Customers can also continue to shop via harrods.com,” the statement added.
The retailer’s online presence appeared to be functioning normally as of Thursday evening, with customers advised they need not “do anything differently at this point.”
The incident follows significant disruptions at other major UK retailers. Marks & Spencer has been severely impacted by a cyber attack disclosed last week, with customers still unable to place online orders and reports of empty shelves in some stores. Police have launched an investigation into the M&S breach.
Co-op also announced this week that it had shut down parts of its IT systems after detecting hackers attempting to gain access. Internal communications revealed Co-op staff are now required to keep cameras on during remote meetings and verify all participants, suggesting concerns that hackers may be monitoring company calls.
Richard Horne, chief executive of the National Cyber Security Centre (NCSC), called the series of attacks a “wake-up call” for the affected companies.
The NCSC is “working closely with the companies that had reported incidents to fully understand the nature of these attacks and to provide expert advice to the wider sector based on the threat picture,” Horne stated.
Cybersecurity experts are divided on whether the attacks are connected.
Security experts have attributed the M&S attack to a ransomware group known as “DragonForce.”
Ransomware attacks typically involve malicious software that encrypts critical data, with attackers demanding payment for its release. Such attacks have become increasingly common and sophisticated, targeting businesses across various sectors.
As investigations continue, retail industry analysts suggest businesses nationwide should urgently review their cybersecurity protocols. The clustering of attacks against high-profile retailers raises questions about whether the sector as a whole faces particular vulnerabilities that sophisticated hackers are now actively exploiting.
In response to these events, the ICO has stepped in.
Stephen Bonner, Deputy Commissioner at the ICO, stated, “We can confirm we have received reports from Marks and Spencer plc and the Co-op Group. We are making enquiries with these organisations and working closely with the National Cyber Security Centre (NCSC).”
Acknowledging potential public anxiety, Mr. Bonner added, “We recognise that seeing cyber attacks in the news can be concerning, especially if you are a customer.”
You must be logged in to post a comment.