Harrods hit in cyber spree as experts warn of ‘coordinated campaign’
Harrods has become the latest high profile UK retailer targeted by cyber attackers, joining Marks & Spencer and Co-op Group in a spate of recent incidents that security experts fear may be part of a broader attack against the sector.
Harrods has confirmed that it had experienced “attempted to gain unauthorised access” to its systems.
It has revealed that it had restricted access to its sites on Thursday, as a precautionary measure.
In response, it restricted internet access across its sites as a precaution – though stores remain open and online shopping continues.
The incident underscores the mounting risk facing retailers as threat actors increasingly exploit shared systems, common suppliers, and peak shopping periods to inflict damage and disruption.
Cyber professionals say the timing – just ahead of the May bank holiday and VE day commemorations – is no accident.
“Threat actors are seizing the moment”, said Shobhit Gautam of HackerOne. “Retailers are exposed during holidays when staffing is thin but online traffic is high”.
Twice is coincidence, third time’s a pattern
Although Harrods has not confirmed service outages, customers told Sky News they were unable to pay for a purchase earlier in the day – echoing the widespread disruption seen during last week’s M&S attack.
Security experts suggest the cluster of incidents may stem from a shared vulnerability, such as a third-party service provider or common IT infrastructure used across the industry.
“A single weak link can cascade across multiple brands”, said Toby Lewis, global head of threat analysis at Darktrace.
Others point to the rise of AI-enhanced attacks and phishing campaigns, which allow even low-skilled hackers to strike high-value targets with greater precision and speed.
The broader threat landscape is worsening. Cyber attacks surged 45 per cent globally in the first quarter of 2025, according to ransomware prevention firm Blackfog, which noted that attackers increasingly infiltrate systems months before launching visible strikes.
Harrods said it is not advising customers to take any specific actions at this stage, and pledged to share updates if the situation evolves.
But with three major retailers targeted in two weeks, cyber professionals warn the sector is under siege – and few believe this will be the last.
“These attacks don’t just knock out systems. They paralyse sales, break customer trust, and hit the bottom line”, said Cody Brown, chief executive of EclecticQ. “Retailers need to treat cyber resilience as a core business function – not a back-office task”.
Industry figures are also urging greater transparency and preparedness. “Staying quiet isn’t a strategy – it’s a liability”, said Öykü Işık, professor of cyber at IMD.