Harrods did not clarify what the scale of the impact on its network was, but said customers were being asked to “not do anything differently at this point”
The luxury department store Harrods says it is the latest retailer to have been targeted by a cyber attack. The firm said it had “restricted internet access at our sites” following an attempt to gain access to its systems.
It comes the day after the Co-op shut down parts of its IT systems to fend off a hack, while Marks & Spencer continues to deal with a cyber attack that has cost it millions of pounds in lost sales. Harrods said its flagship store remained open, and it continues to operate its online sales.
Harrods did not clarify what the scale of the impact on its network was, but said customers were being asked to “not do anything differently at this point”. A statement from Harrods read: “We recently experienced attempts to gain unauthorised access to some of our systems.
“Our seasoned IT security team immediately took proactive steps to keep systems safe and as a result we have restricted internet access at our sites today. Currently all sites including our Knightsbridge store, H beauty stores and airport stores remain open to welcome customers. Customers can also continue to shop via harrods.com.
Harrods’ online store appeared to be operating normally on Thursday evening. Richard Horne, chief executive of the National Cyber Security Centre (NCSC), the UK government body responsible for supporting organisations facing cyber threats, said the spate of attacks should serve as a “wake-up call” for Harrods, the Co-op and M&S.
He said the NCSC was working closely with the companies that had reported incidents, “to fully understand the nature of these attacks and to provide expert advice to the wider sector based on the threat picture”.
Cody Barrow, former cyber chief at America’s National Security Agency, now chief executive of cybersecurity firm EclecticIQ, said the incident exposed the sector’s “mounting vulnerability to cyber threats”.
He said retailers should assume that they are targets for cyber attackers, due to the volume of customer data and the high impact that disruption can cause. “For consumers, vigilance is crucial: update passwords, monitor financial activity, and watch for scams exploiting recent breaches,” he added.
Marks and Spencer has seen its operations severely hampered by a cyber attack, the firm disclosed last week. Customers are still unable to place online orders and shelves have been left empty in some stores. The police are investigating.
Meanwhile, the Co-op said on Wednesday it had shut down parts of its IT systems in response to hackers attempting to gain access. On Thursday, it emerged staff at the Co-op were being ordered to keep their cameras on during remote work meetings, and verify all attendees.
Experts say that indicates the company suspects hackers may be lurking in calls. It is not known if the three incidents are connected.
Toby Lewis, Head of Threat Analysis at cybersecurity firm Darktrace, said it was possible that the three incidents impacting M&S, the Co-op and Harrods were a coincidence. But he suggested two other possibilities: that all three retailers share a common supplier or technology that has been compromised and used as an entry point for hackers.
Or the scale of the attack on M&S had prompted security teams at other retailers to look more closely at their safety logs and act on activity they would not have previously judged a risk. “It’s a lesson again in the growing difficulty large organisations have in securing against threats in their supply chain, particularly as those threats grow in volume and sophistication,” he said.
It is believed the disruption at M&S was a ransomware attack. This is a type of malicious software used to scramble important data or files after gaining access to computer systems, essentially locking them away unless a ransom is paid.
Security experts said a ransomware group which goes by the name “DragonForce” was behind the attack. The Co-op has not given any details of the nature of cyber attack made against it.
The chair of Parliament’s Business and Trade Committee, Liam Byrne, has written to Marks and Spencer’s chief executive, Stuart Machin, requesting further information about M&S’s cybersecurity defences, and whether it had adhered to the guidance given by the NCSC.,
