Harrods Has Been Pwned With 430K Records Swiped
Hackers have apparently breached British retail giant Harrods via a third-party supplier, stealing 430,000 records that included sensitive e-commerce customer information.
Harrods said it would not engage with the “threat actor” and added that the affected data, taken from a third-party provider, was limited to basic information and did not include passwords or payment details.
“Our focus remains on informing and supporting our customers. We have informed all relevant authorities and will continue to co-operate with them,” a spokesperson said in a statement.
The majority of Harrods customers shop in-store, so it is understood the breach has affected only a small proportion of its shoppers.
Dmitry Dontov, CEO of Spin.AI, provided the following comments:
“The Harrods breach is yet another example of the need to secure the entire supply chain. If attackers are unable to breach your core workspace, they can often access data through external partners. Even retail giants must assume that the perimeter defense is not enough. Incident resilience, real-time monitoring, as well as third-party tool visibility and security are now essential.”
Supply chain attacks are all the rage because of how effective this attack vector is for threat actors looking to pwn an organization. Thus, it is in your best interests to make sure that the companies you get services from are as secure as you are. Otherwise, you might be the next headline related to a supply chain attack.
This entry was posted on September 29, 2025 at 2:39 pm and is filed under Commentary with tags Hacked.