Lessons From Retail Data Breaches: Key Takeaways for Prevention

Research shows that cyberattacks against retail businesses are rising year-over-year — and that ransomware, in particular, is becoming a major concern.

With these worries in mind, what more can retail businesses do to protect themselves against hackers and bad actors? And what lessons can they learn from some of the biggest breaches in recent years?

Let’s explore some cautionary tales, common vulnerabilities, and recommended breach prevention strategies.

Notable Retail Data Breaches

There are various reasons why big retail businesses fall prey to data breaches. Some might be ill-prepared to protect themselves effectively (e.g., they don’t use preventive measures such as external penetration testing) or their teams might simply need more specialized training and insight into data security.

Regardless, there are a few big retail data breaches we can all learn from when it comes to prevention strategy. Some household names hit by major data breaches in recent years include:

Related story: Securing E-Commerce in an Age of Relentless Cyber Threats

• Hot Topic, BoxLunch, and Torrid, which lost 56.9 million customers’ personal data.
• Krispy Kreme, from which ransomware attackers claim to have harvested consumer data.
• Neiman Marcus, which experienced a data breach losing 64,000 customer details.

Ultimately, big retail has few excuses to ignore cybersecurity. And yet hackers are still taking advantage through poor posture and strategy.

Common Vulnerabilities Leading to Breaches

Some of the most common retail vulnerabilities leading to data breaches include:

• Lack of phishing awareness: Phishing, a type of social engineering, relies on people falling for scam emails and sharing data through fake links.
• Unpreparedness for generative artificial intelligence: Social engineering is becoming increasingly sophisticated with generative AI, which can mimic people to create fake profiles and messages.
• Lack of network segmentation: Segmenting devices across a network and securing them separately makes it harder for hackers to leak large company-wide data pools.
• Third-party problems: Retailers that use third-party vendors and services are increasingly at risk from vulnerabilities experienced along the supply chain.
• Human error: Whether accidentally sharing credentials or ignoring the signs of social engineering, human error now makes up two-thirds of all retail data breaches.

Lessons Learned and Prevention Strategies

Although the list of common vulnerabilities is quite varied in its own right, there are still a few key lessons retailers can take away from such worrying trends:

1. Retrain your team. Given the high cause of vulnerabilities being human error, and that phishing is on the rise, it’s never been more important to make sure employees know how to spot and handle social engineering attempts.
2. Gain complete oversight of your security. Segmentation and access control issues suggest that retailers should take a more proactive stance in assessing security risks — e.g., by running penetration tests on a regular schedule.
3. Embrace the positives and negatives of AI. GenAI is here to stay, and it’s helping to make cyberattacks nastier and more intrusive than ever before. Retailers need to both embrace the pros of adopting AI for their own productivity and to keep aware of the threats it poses.

The Role of Compliance

By various laws, statutes and regulations, U.S. retailers have a duty to their customers to ensure they process and retain data safely and with terms that are accessible and easy to understand.

For example, any U.S. businesses doing trade in the European Union must adhere to the General Data Protection Regulation (GDPR) or risk losing millions of dollars in fines.

Regardless, the uptick in retail data breaches can be easy to offset with more proactive security measures, monitoring and training. Don’t become part of a terrifying statistic!

Tyler Owen is the senior director of product management for managed security services at VikingCloud, a cybersecurity and compliance solutions provider.