KasadaIQ Insights: Refund Fraud

Cybersecurity | Apr 2025 | KasadaIQ

What: A comprehensive analysis of cyber threats in retail reveals critical vulnerabilities across ransomware, phishing, and supply chain security, with third-party breaches accounting for 41% of reported incidents and average losses reaching USD 1.4 million per ransomware attack.


Why it is important: As retail operations become increasingly digitised and interconnected, understanding and addressing these cybersecurity vulnerabilities is crucial for protecting both business operations and customer trust in an industry that relies heavily on seamless digital transactions.


The retail and hospitality industries face an intensifying array of cyber threats, with ransomware accounting for 30% of all reported incidents in 2024. These attacks have led to average operational downtimes of 72 hours and recovery costs reaching USD 1.4 million per incident. Phishing campaigns targeting customer data have increased by 22% year-over-year, while third-party supply chain breaches represent 41% of reported incidents. The impact extends to cryptocurrency fraud, with businesses reporting USD 450,000 in losses per incident. ReliaQuest's report emphasises the need for a defense-in-depth strategy, highlighting how intelligence-driven solutions and automation can significantly improve threat detection and response times. The findings underscore the critical importance of industry collaboration through organisations like RH-ISAC, particularly as cyber threats continue to evolve and target the sector's growing digital infrastructure.


IADS Notes: Recent cyber incidents underscore the report's findings about retail sector vulnerabilities. In March 2025, a single security update failure caused USD 5.4 billion in losses, while December 2024 saw a ransomware attack disrupting over 3,000 retailers' operations. The sophistication of threats is evident in January 2025 data showing 90% of successful cyberattacks begin with phishing, and the discovery of advanced card skimming malware targeting payment systems. El Corte Inglés's recent data breach through an external provider further demonstrates the critical importance of comprehensive security protocols and rapid incident response capabilities.

