Harrods has vowed not to engage with cyber criminals after hackers contacted the store in the wake of a major IT systems breach that may have exposed the details of 430,000 customers.
The luxury Knightsbridge department store warned on Friday that information including names and contact details was taken after one of its third-party provider systems was compromised.
The incident is the latest in a wave of cyber-attacks targeting big British brands and comes just months after Harrods was forced to restrict internet access across its sites following a separate attempted hack.
In a statement on Sunday, the store said: 'We have received communications from the threat actor and will not be engaging with them.
'We proactively informed affected e-commerce customers on Friday that the impacted personal data is limited to basic personal identifiers including name and contact details, where this information has been provided. It does not include account passwords or payment details.
'Affected customer records may also have labels related to marketing and services delivered by Harrods.
'These labels may include tier level or affiliation to a Harrods co-branded card although this information is unlikely to be interpreted accurately by an unauthorised third party.
'We would like to reiterate that no payment details or order history information has been accessed and the impacted personal data remains limited to basic personal identifiers as advised previously.
'It is important to note that the information was taken from a third-party provider and is unconnected to attempts to gain unauthorised access to some Harrods systems earlier this year.'
Harrods has vowed not to engage with cyber criminals after hackers contacted the store in the wake of a major IT systems breach
The company said it had immediately notified the authorities and stressed that its internal systems remained secure.
Back in May, Harrods responded to an attempted breach by cutting off internet access across its sites as a precaution.
Two months later, in July, four people — two 19-year-old men, a 17-year-old boy and a 20-year-old woman — were arrested on suspicion of involvement in damaging cyber-attacks against Marks & Spencer, the Co-op and Harrods. They were later bailed pending further inquiries.
The National Crime Agency said the arrests were linked to suspected blackmail, money laundering, offences under the Computer Misuse Act, and participation in the activities of an organised crime group.
Harrods, which prides itself on serving some of the world's wealthiest customers, is the latest major British firm to be targeted by cyber criminals in recent months.
[SRC] https://www.dailymail.co.uk/news/article-15143141/Harrods-message-hackers-customers-personal-data-breach.html
