Luxury department store Harrods joined the list on Thursday of retail companies dealing with ongoing cyber attacks, prompting fears that the wider retail sector was becoming a target
The news came as M&S closed out a second week of no online sales, losing out on bank holiday web traffic and online impulse clothing buys as Britain basked in hot weather.
Co-op is the third major retailer to have dealt with similar issues in the past week, with the supermarket chain shutting down parts of its IT system and telling staff to keep their cameras on during remote meetings to deter hackers lurking on calls.
The attacks on three separate retailers ended up prompting a statement on Thursday from the UK government’s National Cyber Security Centre chief executive, Richard Horne, who said: “These incidents should act as a wake-up call to all organisations. I urge leaders to follow the advice on the NCSC website to ensure they have appropriate measures in place to help prevent attacks and respond and recover effectively.”
You might therefore be surprised to hear that retail and wholesale businesses are actually the UK business sector least likely to report cybercrime. That stat comes from the latest cybersecurity breaches survey, a report from the Department for Science, Innovation & Technology and the Home Office based on a yearly questionnaire of thousands of businesses.
Just 11% of retail and wholesale businesses say they have experienced cybercrime in the past 12 months, almost half the rate reported in all business sectors. That 11% has also dropped markedly from the 18% reported in 2024. No other sectors reported such a significant decrease.
Two other datapoints are of note: retail and wholesale businesses are considerably more likely (44%) than businesses overall (27%) to say that cybercrime is a low priority. They are also less likely to have a board member or trustee responsible for cybersecurity than most other sectors.
One thing to mention is that if these businesses do not have sophisticated operations set up to deal with cybercrime it is unlikely they will be aware of every cyber attack they face.
“A lot of cybercrime goes unreported,” says Brian Kalms, partner and managing director at consulting firm AlixPartners, who wrote for Retail Week on the subject last week. He gives the example of a hacker who has found a vulnerability and is taking small bits of credit card information. “The criminal doesn’t want you to know they are attacking.”
A big caveat to add here is that this data represents retailers and wholesalers of all shapes and sizes. A more targeted survey of major retailers by Retail Economics and Barclays last year showed that cyber and data threats were viewed as the leading threat to business.
Retailers surveyed as part of the latest AlixPartners Disruption Index also cited cyber as the second biggest “disruptive impact” after inflation and also the most important to address.
“A retailer is a target for cyber criminals. You’ve got customer databases, you’ve got payments,” says IMRG strategy and insight director Andy Mulcahy. “They are a frequent target, and these things (cyber attacks) are always there.”
The picture of the much wider industry being one where cybercrime is viewed as infrequent and low priority will nevertheless cause some concern among many. That is especially the case if it turns out that the various attacks are coordinated in some way, as has been speculated by some cyber experts.
“This could be the horse meat scandal of cyber,” says Kalms, referencing the 2013 scandal where horse meat was found in some burgers and ready meals in the UK. The news prompted retailers to examine vulnerabilities in their supply chain and provoked industry change.
Whatever happens, expect to see a fair few more cybersecurity job postings from retailers as we move into the summer months.
1 Reader's comment