Rachel ClunBusiness Reporter
ReutersLuxury department store Harrods has been contacted by hackers after data relating to 430,000 customer records was stolen in an IT breach.
Harrods said it would not engage with the “threat actor” and added the affected data, taken from a third-party provider, was limited to basic information and did not include passwords or payment details.
“Our focus remains on informing and supporting our customers. We have informed all relevant authorities and will continue to co-operate with them,” a spokesperson said in a statement.
The majority of Harrods customers shop in-store, so it is understood the breach has affected only a small proportion of its shoppers.
Harrods did not elaborate on what the hackers had communicated to the company.
The stolen data included basic personal information, including names and contact details if they had been provided.
Some information relating to marketing preferences, loyalty cards and tie-ins to other companies was also taken, including Harrods co-branded cards, the company’s spokesperson said, who added “this information is unlikely to be interpreted accurately by an unauthorised third party”.
“We would like to reiterate that no payment details or order history information has been accessed and the impacted personal data remains limited to basic personal identifiers as advised previously,” they said.
This week’s data breach was not connected to attempts to hack into other Harrods systems earlier this year, the spokesperson added.
The department store first described the breach in an email to customers on Friday.
There has been a spate of cyber-attacks on major UK businesses this year.
In May, Harrods was forced to restrict internet access across its sites as a precaution after an attempt was made to gain unauthorised access to its systems.
A group of hackers who claimed responsibility for that attempt also claimed responsibility for the hacks on M&S and Co-op. Four people were arrested in connection with the hacks in July.
Co-op, which confirmed in July that all 6.5 million of its members had their data stolen, reported this week that the cyber-attack had cost it £206m in lost sales.
M&S, which experienced months of disruption to its online services, estimated in May that the attack would cut £300m from its profits.
Car manufacturer Jaguar Land Rover is still working to get its IT systems back up and running, and resume production after a hack at the end of August. The attack has had a major impact on both the company and its supply chain, leading to the government agreeing to underwrite a £1.5bn loan guarantee to JLR in a bid to support its suppliers.