Harrods has warned some customers that their personal data may have been taken in an IT systems breach.
The luxury Knightsbridge department store said information, such as names and contact details, of its e-commerce customers was taken after one of its third-party provider systems was compromised.
In a statement, Harrods said: “We have been notified by one of our third-party providers that some Harrods e-commerce customers’ personal data has been taken from one of their systems.
“We have informed affected customers that the impacted personal data is limited to basic personal identifiers including name and contact details but does not include account passwords or payment details.
“The third party has confirmed this is an isolated incident which has been contained, and we are working closely with them to ensure that all appropriate actions are being taken. We have notified all relevant authorities.”
Harrods: Data taken from third-party provider
In May, Harrods restricted internet access across its sites as a precautionary measure after an attempt to gain unauthorised access to its systems.
The spokesman added: “No Harrods system has been compromised and it is important to note that the data was taken from a third-party provider and is unconnected to attempts to gain unauthorised access to some Harrods systems earlier this year.”
In July, four people, including two men aged 19, a 17 year-old boy and a 20-year-old woman who were arrested for their suspected involvement in damaging cyber attacks against Marks & Spencer, the Co-op and Harrods, were bailed pending further inquiries.
They were arrested on suspicion of blackmail, money laundering, offences linked to the Computer Misuse Act, and participating in the activities of an organised crime group, according to the National Crime Agency.
By Helen William, PA
