Whether it’s online or brick-and-mortar, every new store or website represents a new potential entry point for threat actors. With access to more personally identifiable information (PII) of customers than most industries, bad actors perceive retail as a great way to cash in on their attacks. Plus, attackers can duplicate attack methods more easily since retailers share similar cybersecurity infrastructure.
The good news for retail is that the cost of a data breach in the sector remains low compared to many industries. However, this does not mean cybersecurity shouldn’t be a high priority. For retail, intangible costs like company reputation are often more important.
What Is a Retail Data Breach?
Retail data breaches result in attackers making off with customer data: credit card numbers, names, addresses and (in the case of e-commerce data breaches) even passwords. Retail data breaches also involve attackers gaining access to company data or accounts.
The methods attackers use to breach data in retail include:
Skimming credit card information at the point of sale
Sending phishing emails to social engineer information to obtain passwords or bank account numbers
Sending or injecting malware that can steal or wipe data
Using ransomware that holds data hostage until the victim pays a fee
While not a direct breach, attackers can also launch a denial of service (DOS) attack as a tactic to execute the breach.
Read the full CODB report
Well-Known Recent Retail Data Breaches
In June 2021, breach retail costs risks prevention strategies
