Luxury London-based retailer Harrods is facing its second cybersecurity scandal in 2025, confirming criminals not only stole 430,000 customers' data in a fresh attack but have even made contact.

It began notifying affected customers on September 26 that their data was taken during a break-in at one of its suppliers. Harrods said the "third party" supplier has reassured it that the incident was isolated and had been contained.

Harrods also confirmed in a statement on Sunday: "We have received communications from the threat actor and will not be engaging with them."

The affected data included basic personal details such as names and contact details, but does not include passwords or financial information.

It may also include marketing-related data such as Harrods membership tier levels a

See Full Page