Retailers are facing a growing cybersecurity threat. Not from competitors. Not from market shifts. But from cyber criminals. And the risks are rising fast – so retailers can’t afford to delay in addressing this risk.
In August 2025, luxury brands Chanel and Pandora confirmed data breaches related to their Salesforce platforms.
The attackers didn’t use malware. They used people. Scammers tricked employees into handing over credentials by posing as IT support through voice phishing. Once inside, hackers accessed customer data including names, emails, and phone numbers.
That’s all it takes to launch phishing campaigns, identity fraud, and more. These breaches occurred more than once. They were part of a wider campaign by the ShinyHunters group, flagged by Google Threat Intelligence, who. The group used Python scripts and TOR networks to hide their tracks.
The common thread? Third-party platforms. Retailers rely on them for CRM, logistics, and payments. But when hackers breach these platforms, the results come quickly and seriously.
The same group used social engineering to access M&S and the Co-op earlier this year. They pretended to be staff and reset credentials. M&S suffered a major shutdown with their online ordering system, and an estimated £300 million loss in profit.
Co-op, on the other hand, detected the breach within minutes and contained it quickly. Their customer services barely flinched.
The lesson is clear. Cybersecurity isn’t just about firewalls and antivirus software. It’s about people, processes, and preparation.
Why Retailers Are Vulnerable
Retailers hold large amounts of customer data, and hold it across multiple systems. And they often rely on third-party vendors.
This creates a complex ecosystem with many entry points. Attackers know this. They look for the weakest link—often a poorly secured integration or an unsuspecting employee.
Cloud-based systems add another layer of risk. While scalable and efficient, they can be a security risk. If access controls aren’t tight, attackers can slip through unnoticed.
The Cost of Getting It Wrong
A breach doesn’t just mean lost data. It means lost trust.
Customers expect their information to be safe. When it’s not, they look to competitors. The reputational damage can be long-lasting. And the financial impact—through fines, legal costs, and lost sales—can be crippling.
M&S’s experience shows how quickly things can unravel. Their online business experienced disruptions for months. Meanwhile, Co-op’s swift response protected their brand and their bottom line
What Retailers Can Do to Improve Cybersecurity
- Invest in Detection and Response Speed matters. Co-op’s success came down to spotting the breach early. Retailers need robust monitoring systems and trained teams ready to act.
- Secure Third-Party Integrations Don’t assume vendors have it covered. Review their security protocols. Limit access to sensitive data. And ensure contracts include breach notification clauses.
- Train Your People Most breaches start with human error. Regular training helps staff spot and act on phishing attempts.
- Use Multi-Factor Authentication Passwords alone aren’t enough. MFA provides a layer of protection, even if someone steals credentials.
- Segment Your Network If attackers get in, segmentation can stop them spreading. They might breach the first wall, but they won’t get beyond that.
- Have a Plan Breaches happen. What matters is how you respond. A clear incident response plan ensures everyone knows what to do—and does it fast.
- Take a look at guidance from National Cyber Security Centre Incidents impacting retailers – recommendations from the NCSC – NCSC.GOV.UK
Final Thought
Retail is changing. Customers expect seamless digital experiences. But they also expect safety. Cybersecurity isn’t a tech issue, it’s a business issue. And it needs board-level attention.
Retailers who invest in secure systems, train their teams, and prepare for the worst won’t just survive. They’ll thrive. Because trust is the real currency of retail. And trust is earned, it shouldn’t be assumed.
