Harrods cyberattack - over 430,000 customers have data stolen, here's how to stay safe

News
By published

Harrods says it will not engage with the criminals

Data breach
(Image credit: Shutterstock)
  • An IT breach has exposed 430,000 Harrods customer's details
  • The data does not include payment information or passwords
  • Harrods is not engaging with the hackers

Luxury department store Harrods has confirmed it has been contacted by criminals claiming to have stolen the records of over 430,000 customers in an IT breach.

The company said this breach is unconnected to the string of attacks which hit British high street retailers, including Harrods itself, M&S, and Co-Op, earlier in 2025.

Harrods have confirmed it will not engage with the hackers, and that the information taken via a third-party provider did not include payment data or passwords.

Official IdentityForce® | Identity Theft Protection - save up to 68% annually

Official IdentityForce® | Identity Theft Protection - save up to 68% annually

Many people don’t know how to protect their ID. Don’t be one of them. Get your ID Action Plan here. Get a personalized step-by-step Action Plan & ID Safety Score based on YOUR dark web hits.

View Deal

No Harrods system compromised

“The third-party has confirmed this is an isolated incident which has been contained, and we are working closely with them to ensure that all appropriate actions are being taken. We have notified all relevant authorities,” a spokesperson confirmed in a statement.

Harrods confirmed it has “received communications from the threat actor and will not be engaging with them” - suggesting perhaps that the hackers requested payment in return for not posting the customer data.

The affected data is “limited to basic personal identifiers including name and contact details (where this information has been provided),” the statement confirms. Nevertheless, this information does still leave some customers exposed to attacks like identity theft or fraud.

Cybercriminals can use personal information to apply for loans or credit cards in your name, so if you’ve received notification you may be affected in this (or any other) breach - here’s what we recommend.

The most simple way to protect yourself is to deploy identity theft protection software - as these provide a host of protection tools like dark web scanning, credit monitoring, and password managers as well as insurance coverage in case your identity is affected, usually up to $1 million.

If you want to monitor on your own, then you need to keep a close eye on your bank statements, transactions, and accounts, as well as being wary of any unexpected texts, calls, or emails that may be social engineering attempts.

You might also like

Ellen Jennings-Trace
Ellen Jennings-Trace
Staff Writer

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.