Retail Giants Harrods and Co-Op Under Attack

A wave of cyberattacks targeted major UK retail institutions, including Harrods and the Co-operative Group (Co-op), alongside Marks & Spencer (M&S). These assaults unfolded in rapid succession and collectively exposed systemic vulnerabilities in the retail sector’s cybersecurity infrastructure.
Harrods, the renowned luxury department store, disclosed on May 1, 2025, that it had experienced attempted unauthorized access to its systems. In response, the retailer’s IT security team immediately restricted internet access across its locations. Despite the intrusion, Harrods assured that all physical stores (including its Knightsbridge flagship and airport branches) and its online platforms remained fully operational, and that there was no evidence of compromised customer data or demand for further action from customers
Meanwhile, Co-op faced an attempted ransomware attack around the same period. Its security teams were proactive, promptly disconnecting parts of its IT infrastructure, including call centers and back-office systems, to prevent escalation. The disruption caused some temporary operational impacts, such as stock shortages and system outages. Ultimately, it was confirmed that personal data belonging to approximately 6.5 million members, including names, contact details, and dates of birth was exfiltrated, though no passwords or financial data were compromised. Co-op has initiated investigations and encouraged vigilance among its members.