Harrods Hacked Again: Cybercriminals Swipe 430,000 Customer Records in Fresh Scandal
Harrods is embroiled in its second cybersecurity scandal of 2025, with criminals swiping 430,000 customers’ data. While the retailer assures us their systems weren’t hacked, they won’t name the third-party supplier responsible. It seems Harrods is now offering luxury data breaches along with luxury goods.
Hot Take:
Harrods seems to have become the latest victim in the “Cybersecurity Chicken Dance,” where one step forward is inevitably followed by two steps back. With 430,000 customers’ data pirouetting into the hands of miscreants, the luxury retailer is dancing around the issue by not naming names and promising to play nice with the authorities. Meanwhile, the cybercriminals are probably doing the cha-cha with the stolen data. Harrods’ systems remain untouched—phew—but their supplier clearly didn’t get the memo that ‘third-party’ isn’t supposed to mean ‘third wheel in a data theft romance.’ And while Harrods won’t engage with the ‘threat actors,’ let’s hope their IT team is engaging in a crash course on better passwords and fencing data like it’s the Crown Jewels!
Key Points:
- Harrods faces a second cyber incident in 2025, affecting 430,000 customers.
- The attack involved data stolen from a third-party supplier, not Harrods’ own systems.
- Stolen data includes personal and marketing-related information, but not financial details.
- Harrods refuses to engage with the cybercriminals or name the implicated supplier.
- Previous Scattered Spider attacks on major UK retailers remain unrelated to this incident.