Retail cybersecurity failures are a growing risk to public trust | NTT DATA

Mon, 04 August 2025

Retail cybersecurity failures are a growing risk to public trust

With one in four UK businesses falling victim to a cyberattack last year, Warren O’Driscoll, Head of Security Practice at NTT DATA UK&I, explores why retailers are a target and what they need to do next to strengthen cybersecurity.

Cyberattacks have become a near-daily threat to British businesses. According to a 2024 report from the Royal Institution of Chartered Surveyors (RICS), over 25% of UK businesses were victims of a cyberattack last year. It’s part of a broader trend: organised cybercriminals, including some with state affiliations, systematically targeting the retail sector. 

This Spring’s wave of attacks has highlighted the scale of the threat, and some ransomware groups clearly sense weakness in the sector. Every payout has made them stronger, bolder, and harder to stop. For the state-backed attackers, they’re working for a double reward: a hit to the affected country’s GDP, as well as an under-the-table payout from a company with their back against the wall. 

Retail businesses are uniquely attractive – and vulnerable – targets for attackers. Their mountains of sensitive customer data, including personal details and payment information, make them prime targets. Meanwhile, they operate on cash flow, so any disruption to trade will have significant consequences in their long-term operations.  

To protect cardholders’ information, as of March 31st, all UK retailers who accept card payments must comply with the PCI Data Security Standard (DSS). The problem is that only 14.3% of businesses had achieved full compliance as of 2023. It’s a tough bar for retailers to clear, but it exists for a reason. Anybody who shops with a card, provides a delivery address, or shares their email for an e-receipt should care about whether retailers take these measures seriously. 

To learn Warren’s full thoughts, read the full article in IT Pro
If you’re exploring your cyber capabilities and looking to understand your risk factors, read more about our cybersecurity services or get in touch to speak with an expert.

 

How can we help you

Get in touch