British Department Store Harrods warns customers of a data breach via a third-party provider, exposing some names and contact details.
Harrods, the luxury British department store, warned customers of a data breach affecting its online systems. The company confirmed that names and contact details of some e-commerce customers were exposed after one of its third-party provider systems was compromised. The company is investigating the incident and working with cybersecurity experts to secure its systems and protect customer data from further risk.
“We have been notified by one of our third-party providers that some Harrods e-commerce customers’ personal data has been taken from one of their systems,” Harrods said in a statement.
“We have informed affected customers that the impacted personal data is limited to basic personal identifiers, including name and contact details, but does not include account passwords or payment details.”
“The third party has confirmed this is an isolated incident which has been contained, and we are working closely with them to ensure that all appropriate actions are being taken. We have notified all relevant authorities.”
The company confirmed that the security breach was mitigated and pointed out that no financia data was compromised.
This security breach is not linked to the may cyber attack. In May, the luxury department store confirmed a cyberattack, threat actors attempted to gain unauthorised access to some of its systems. In response to the attack, the company “restricted internet access at its sites.”
In July, the British National Crime Agency (NCA) arrested four individuals in the country following an investigation into the recent wave of attacks targeting Co-op, M&S, and Harrods.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, pro-Russian hackers)
Laisser un commentaire