6 reasons cybersecurity in retail can’t be ignored in 2025


COMMENTARY

Retailers are facing a staggering increase in cyber threats that can no longer simply be brushed off as isolated IT issues, making cybersecurity in retail mission-critical.

Recent high-profile breaches at popular UK retailers Marks & Spencer, Co-op and Harrods, which led to the release of sensitive customer data, downtime and urgent warnings from the UK’s National Cyber Security Centre (NCSC), vividly highlight this urgency.

Given these escalating challenges, this blog examines five pressing reasons for retail professionals to prioritise cybersecurity as part of their digital transformation strategy and what actionable steps organisations should be taking to safeguard themselves, their data and their customers.

Why cybersecurity must be a top priority in retail

Here are five reasons retailers must take immediate action:

1. Explosion of sensitive data and its growing value to cybercriminals

From customers’ payment card information to their buying patterns and loyalty programme details, retailers keep and handle massive volumes of personal data. Cybercriminals scavenge these details for use in black market transactions, fraud, and identity theft.

The digitisation of retail and the proliferation of mobile apps, e-commerce platforms, and Web3-enabled experiences have led to a further scaling of volumes and the movement of customer data across systems and devices.

Naturally, the cost of data breaches is now much higher with the added risks of financial losses, litigation, bad publicity, and loss of customer trust. Notable examples include the Morrisons data breach case, Dixons Carphone’s 10 million record breach, and JD Sports’ 2023 cyberattack that exposed the personal data of 10 million customers.

Digital transformation reshapes retail, but it also introduces more risks. As long as retail security strategies aren’t well-fortified, the retail threat will live on.

2. Evolving and sophisticated cyberattack techniques

Cybercriminals are writing new playbooks at a stunning pace, as highlighted by Irwin Mitchell’s Chief Information Security Officer, Graham Thomson, in a recent expert commentary on staying secure in a digital age. Their techniques, ranging from “spearphishing” and “phishing emails” to “ransomware as a service”, have become increasingly personalised, automated, and stealthy.

AI-based attacks are one of the fastest-growing threats. Attackers are leveraging AI to create phishing messages with nearly perfect grammar, automate credential stuffing attacks, and even evade conventional detection systems.

Examples of AI cyber attacks in retail

AI is transforming cybersecurity in retail and is proving to be a double-edged sword. As merchants adopt more artificial intelligence security solutions to help combat fraud and create more compelling shopping experiences, fraudsters are leveraging the same capabilities to launch more invasive, intelligent, and stealthy attacks.

Here are four theoretical instances in which AI is being used as a weapon in retail:

Used to flood retail systems and crash services.

Example of AI-powered botnet attack: Think of a midsize fashion retailer doing a flash sale online. A criminal uses an AI-infused botnet to impersonate the behaviour of hundreds of thousands of real humans. The bots flood the retailer’s website, overloading the checkout system and ruining the sale. Downtime not only results in immediate financial costs but also tarnishes a brand’s trustworthiness. The botnet adjusts in real time, so it gets past simple traffic filters and can evade monitoring systems for longer than a traditional attack.

Voice or video impersonations of executives requesting sensitive access or transactions.

Deepfake phishing example: The cybercriminal uses AI to deepfake a video of the retailer’s CFO, urgently asking the finance team to approve a wire transfer to a “new supplier”. The video comes through an internal messaging system with a spoofed email address. An inexperienced junior employee, who has never heard of deepfake technology, actually complies with the demand, transferring £150,000 before the fraud is discovered.

Public AI datasets used for retail automation are compromised by malicious actors.

Example of data poisoning attacks: One major retailer employs artificial intelligence to set pricing algorithms and provide product suggestions for customers. Cybercriminals get access to the public dataset that trains the AI model, such as product descriptions or customer review content, and insidiously insert misleading information. Subsequently, the system starts to misclassify products and suggests unrelated or even offensive pairings, leading to reputational embarrassment and loss of earnings.

Machine learning models trained to break passwords at unprecedented speed.

Example: A generative AI model trained on billions of leaked credentials from the dark web is employed by a criminal group. When aimed at a retailer’s employee portal, the AI quickly tries password-and-username combinations with eerie precision. It is used to access the account of a senior staff member, so that the attackers are able to extract sensitive customer data and shut down key POS systems before the breach is even noticed.

3. Securing smart stores: the risks of retail IoT

Retailers are quickly deploying Internet of Things (IoT) devices, from smart shelves and kiosks to microphones and cameras monitoring environmental factors in the store. Sounds like progress to most folks, but in fact, we’ve traded effectiveness for countless vulnerabilities.

Most IoT devices have poor or no security controls, providing new access points for hackers. Attackers can enter via exposed sensors, smart cameras or staffing systems, and then move laterally into payment systems or customer databases.

As in-store technology improves, so must the security that protects it. Secure-by-design products and processes must be combined with smart retail use cases.

4. Strict regulatory compliance and costly fines

In 2025, the regulatory burden is accelerating. The EU’s General Data Protection Regulation (GDPR) is still in effect, with fines across industries totalling more than €5.88 billion. With the UK under closer watch, it is not just large retailers but also smaller retail businesses that are affected.

Meanwhile, the new PCI DSS 4.0 standard, a key card industry data security measure, was in full force by 31 March 2025.

It mandates:

  • Stronger encryption and authentication techniques
  • Ongoing risk assessments
  • More third-party oversight

Any retailer that is not currently doing this can face significant financial penalties, lawsuits from consumers or bans on processing payments.

5. Fragile customer trust and brand reputation

Trust is a merchant’s most important currency. But one data breach can have a permanent effect.

A hack will deter more than 60% of shoppers from shopping with a retailer. As many as one-third of traders stop trading altogether. Bad experiences are broadcast across social media, amplifying the reputation damage.

Customer confidence is something that takes a lot of effort to build and can be eroded rather quickly. Proactive cybersecurity measures are needed to protect that trust and to ensure customer loyalty in the retail industry.

6. Protecting your supply chain and battling insider threats

Retail supply chains are increasingly interconnected and complex, making them a significant vulnerability. The increasing dependence on third-party vendors, cloud providers, and fulfilment partners has created a large, weakly defended attack surface that is an attractive target.

A hole at any one point in the supply chain could compromise your systems and lead to data breaches or operational shutdowns. 

For example, Co-op’s 2025 ransomware attack (which was connected to stolen VPN credentials) resulted in self-checkout tills being brought offline and personal information from its membership programme being compromised.

There are also insider threats, both accidental and malicious. Experts say strong defences include vigilant monitoring, access controls, and a highly developed culture of security awareness.

The State of Cybersecurity in the Retail Industry

As digital transformation in retail advances, retailers are currently among the most frequently targeted industries for cyber-related crime worldwide, and the UK is no different. 

41% of retailers report having suffered at least one security breach in 2025; a chilling glimpse of how pervasive and committed cybercrime continues to be and a wake-up call for those still showing cyber security apathy despite growing risks. In addition, ransomware attacks on UK retailers rose by almost 75% in the first quarter alone, says recent industry data.

These attacks are increasingly organised and will target smaller, independent stores as well as large national chains that may have better security systems in place.

At a worldwide level, the picture is equally grim; over 70% of retailers have suffered at least one data breach in the last 12 months. Such incidents typically involve:

  • The theft of customer data, including credit or payment card information
  • Payment Card Industry Data
  • The locking of vital business systems
  • A demand for ransom

The retail sector’s extensive use of digital technology (from e-commerce sites and POS platforms to loyalty apps and CRM solutions) makes it especially attractive to cybercriminals, who can capitalise on high transaction volumes and access sensitive customer information.

Final thoughts

This spike in cyberattacks highlights an important fact: no retailer is too small, niche, or local for cybercriminals to ignore. All companies in the retail industry need to acknowledge that cybersecurity is a front-line business priority and adopt a new breed of cybersecurity that evolves with the threat.

Retailers need to act quickly to protect their brands, data, and customers. Solve cybersecurity challenges by investing in cybersecurity solutions, training teams, auditing vendors, and trying to stay ahead of the threats. Only through such committed and evolving efforts can the retail industry build the necessary resilience to keep pace with a world that’s becoming more digital and more unpredictable by the day. The health of our high streets depends on it.

