Harrods Becomes the Latest Retailer Targeted by Cyberattacks

A few days after Marks & Spencer and the cooperative were targeted, Harrods experienced a cyber attack.

The luxury retailer had to shut down several systems temporarily; however, all stores, including its website, Knightsbridge flagship, H Beauty, and Airport Outlet, remain operational. Retailers became aware of the cyber threats earlier this week.

In a statement, Harrods disclosed: “We have recently encountered attempts to gain unauthorized access to parts of our system. Our experienced IT security team swiftly took proactive measures to secure the system, which led to restricting internet access on our site today.”

The retailer stated that it has not requested any action from its customers, suggesting confidence that data has not been compromised. “We will provide updates as necessary.”

Reported first by Sky News, the Harrods incident unfolds as M&S grapples with challenges stemming from cyberattacks linked to widespread hacking.

M&S has had to pause orders for nearly a week, leading to a loss exceeding £650 million in stock market value. Additionally, the automated inventory system failure has resulted in empty store shelves, while the loyalty program and gift card transactions are suspended.

On Thursday, M&S announced it had halted the hiring of new employees.

The company removed all online job postings from its site while it addresses the fallout from the cyber attack that forced M&S to close its online store.

A note on M&S’s Jobs webpage states, “I’m sorry, but I can’t search or apply for a role right now. I’m working diligently to restore our services as soon as possible.”

Despite having over 200 job openings the previous week, the company, employing approximately 65,000 people across its stores and London headquarters, did not list any positions on Thursday.

A spokesperson stated: “While managing these cyber incidents, we are temporarily pausing some of our usual processes to ensure we can continue delivering the best M&S experience for our customers and employees.

The cooperative also had to disable some internal systems and warned staff to be cautious with their cameras during online meetings after detecting hacking attempts. Stores and online services are still running normally.

Retailers may face similar methods used across various businesses, as many share the same systems as M&S and the cooperatives.

It remains uncertain whether the cyberattacks affecting these three retailers are coordinated by the same group or carried out independently.

The National Cyber Security Center (NCSC) is collaborating with M&S and the cooperative to understand the nature of both incidents and is looking into potential connections. The Metropolitan Police confirmed on Wednesday that cybercrime detectives, alongside teams from the National Crime Agency, are investigating the attack on M&S.

NCSC CEO Richard Horn remarked that the cyber incident should act as a wake-up call for all organizations, urging businesses to ensure they have adequate measures in place for prevention and effective response.

He added: “The NCSC is committed to closely supporting the organizations reporting these incidents to fully comprehend the nature of these attacks and offer expert advice to the wider industry based on the threat landscape.”

In recent years, retailers and their suppliers have faced multiple cyberattacks, including an incident affecting Morrisons due to a problem at high-tech supplier Blue Yonder last Christmas.

In 2023, WH Smith experienced a data breach where sensitive company data, including personal information of current and former employees, was accessed illegally. This occurred less than a year after a cyber incident on WH Smith’s Funky Pigeon website resulted in a week-long suspension of orders.