UK Luxury Retailer Harrods Hit by Cyber Attack After M&S, Co-op

Luxury retailer Harrods confirms a cyber attack attempt, restricting internet access but keeping its online store running. Learn about the growing wave of cyber threats also impacting M&S and Co-op.

Following disruptions at British retail giants Marks & Spencer and Co-op, the esteemed department store Harrods also, reportedly, has been targeted by malicious threat actors attempting to infiltrate their online infrastructure.

This incident, occurring just this week, prompted Harrods to implement protective measures, including restricting internet access across their physical locations. It’s worth noting that while Harrods confirmed the cyber attack attempt and the resulting restrictions on internet access at their sites, they did emphasize that their online store was operating normally on Thursday evening, May 1st, 2025.

“We recently experienced attempts to gain unauthorised access to some of our systems. Our seasoned IT security team immediately took proactive steps to keep systems safe and as a result, we have restricted internet access at our sites today,” Harrods’ official statement read.

While the immediate impact led to operational adjustments behind the scenes, the luxury retailer assured its clientele that their flagship store in Knightsbridge, along with its H Beauty and airport outlets remained open for business.

More importantly, there was no immediate indication that customer data had been compromised. This proactive response highlights the growing awareness and preparedness of major organizations in the face of persistent cybersecurity threats.

Considering these events collectively, a pattern of aggressive cyber activity against the retail sector in the UK has emerged. The recent attack on Marks & Spencer, which has been attributed to a sophisticated hacking group Scattered Spider, has had a far more severe impact. Their online operations remain crippled, causing a halt to online orders and even leading to empty shelves in some physical stores due to the disruption of inventory management systems, and a significant drop in its market value.

Simultaneously, Co-op has recently been a victim of cyber attacks, leading to the implementation of stringent internal security protocols, including mandatory camera usage during online meetings as a means of verifying attendees.

The fact that these attacks have occurred in close succession raises questions about potential links, whether through shared vulnerabilities in commonly used software like SAP’s enterprise resource planning systems, or perhaps even a coordinated campaign.

The National Cyber Security Centre (NCSC) is actively involved, working with the affected organizations to understand the nature and potential connections between these incidents.

“The NCSC continues to work closely with organisations that have reported incidents to us to fully understand the nature of these attacks and to provide expert advice to the wider sector based on the threat picture,” Richard Horne, NCSC’s chief executive stated.