Luxury retailer Harrods has warned that customer information has been stolen in an IT systems breach involving one of its third-party providers.

In an email sent to customers on Friday evening, the London-based department store said details such as names and contact information of some online shoppers were accessed. Harrods stressed that the breach was an “isolated incident” and confirmed that no payment data or passwords had been compromised.

A Harrods spokesperson said the company’s own systems remain secure and that the breach was unrelated to a May cyberattack, when the store restricted internet access across its sites after an attempt to gain unauthorised access.

In a statement, Harrods said: “The third party has confirmed this is an isolated incident which has been contained, and we are working closely with them to ensure that all appropriate actions are being taken. We have notified all relevant authorities.”

The breach comes amid a wave of high-profile cyberattacks in the UK. Earlier this year, hackers targeted Marks & Spencer and the Co-op, while another group disrupted Jaguar Land Rover’s global production lines in August. In July, the National Crime Agency arrested four suspects, aged between 17 and 20, in connection with retail hacks, though all have since been released on bail.

Cybersecurity experts warn such incidents have tangible consequences. Richard Horne, CEO of the National Cyber Security Centre, told BBC Radio 4 that criminals are increasingly sophisticated: “These criminal attackers… don’t care who they hit, and they don’t care how they hurt them. All organisations, big and small, must take steps to secure their systems.”

The latest breach underscores growing risks for retailers and customers alike as hackers refine their methods to exploit digital vulnerabilities.