7. Harrods
When: May
What happened?
Harrods was the third major retailer to be hit in a spate of cyber-attacks eventually linked to the Scattered Spider hacker community.
The luxury department store restricted internet access to its sites following an attempt to gain access to its systems.
Who nominated it, and why?
Harrods was picked out as one of the most significant cyber-attacks of 2025 so far by two of our 12-strong panel in the shape of NGS Director Jonathan Lassman and Cyberfort CEO Glen Williams.
When asked to justify his choice, Williams said “chain-reaction breaches” like it “underscore shared vendor vulnerabilities and heavy reliance on third-party contractors”.
Retailers like Harrods have been the main target of the notorious Scattered Spider hacker group because the sector “has lower levels of regulation when it comes to cyber defences, the complexity of their supply chain and the high turnover in the workforce”, Sapphire CEO Ian Thomas said.
Channel takeaway:
The Scattered Spider attacks have stark knock-on implications for channel partners, Sapphire’s Thomas claimed.
“Elevated risk of insider threat means there is a need for a multi-disciplinary cross-functional defence effort not always just limited to SOC and supply chain risk, often involves strengthening HR/recruitment processes,” he said.
“Additionally DLP solutions such as Microsoft Purview can assist with creating detections for this type of insider risk management and investments in UEBA (user entity behaviour analytics).”
Making a more general point, Lassman said large firms are making themselves vulnerable by not focusing enough on phishing and misconfigurations.
“The world currently seems fixated on EDR, XDR, MDR etc, but the attacks are still happening because the real attack vectors are not being tackled,” he said.
“I think we have proven that while phishing simulation training is a great idea for awareness, it is definitely not enough because phishing is the number-one attack cause.”
Six cyber-attacks were considered more significant by our leadership panel. See next page for more…
