Why Are Ransomware Attacks on Retail So Common?

Daniel Litwin
Mar 1, 2023
Learn more
cybersecurity IT Phishing ransomware retail

We’ve all seen those suspicious emails that show up in our inboxes: “Is this picture of you?” they’ll ask, as we hover over that link for just a moment. Now more than ever, companies are aware and preparing for digital threats and data breaches. Despite that, or perhaps because of it, year after year both the amount and the sophistication of digital attacks increases. According to IBM’s 2022 report on the cost of a data breach, the global average cost for a data breach was a record-breaking $4.35 million, a figure that’s risen nearly 13% just in the last year. For ecommerce and big box retailer professionals who might be wondering, do these trends match up to the data behind ransomware attacks on retail?

When it comes to who bad actors are targeting, it seems more are turning to the retail industry as an industry ripe for exploitation. Research out of cybersecurity and device data privacy firm BlackFog, which catalogs the rate of retail sector cybersecurity breaches yearly, found that ransomware attacks on retail increased by 67% in 2022, year-over-year. Compared to 2020, the increase was even more substantial, growing by 233%.

Daniel Pigeon, the senior product marketing manager at Cyberint, explains why ransomware attacks on retail might be growing in prominence and where hackers are finding vulnerabilities to take advantage of.

Daniel’s Thoughts:

“In 2022, the retail industry was the third most targeted industry for ransomware attacks, and 14% of all ransomware attacks that the Cyberint team observed were on retail industry organizations. So, this raises an important question, which is why are threat actors in ransomware groups targeting the retail industry?

From our research at Cyberint, we believe that there’s two primary reasons. First of all, when threat actors target and attack retail industry organizations, they don’t receive nearly as much negative attention from the media or from law enforcement as when they attack other industries such as healthcare, education, government, and critical infrastructure.

The second reason is that retail industry companies tend to have a weaker cybersecurity posture compared to other industries like technology, banking and insurance. This makes the retail industry a great target as threat actors don’t need to put in as much effort to compromise their victims. We’ve seen threat actors with a relatively low level of sophistication successfully compromise and attack retail industry companies.

The main attack vectors that we’re seeing are vulnerability exploitation of old and unpatched software, phishing attacks that target both the retail organization’s employees as well as the retail organization’s customers, and finally malware: specifically, a type of malware called infostealers, which steal credentials and other sensitive data from the victim’s browser.”

Article written by Graham P. Johnson.

Follow us on social media for the latest updates in B2B!

Image

Latest

Global
IPS Global MKT Meet NYC 2026- Paul Yousif
April 8, 2026

Corporate transformation often falters not at the point of vision, but at the moment when strategy must become execution. For organizations like TekniPlex, recent efforts have focused on driving meaningful internal change—aligning leadership, redefining processes, and setting a renewed course for innovation and customer engagement. Yet the real test begins after the meetings…

Read More
Innovation
Takeway AMI – Innovation and Leadership
April 8, 2026

At industry gatherings, the real story often unfolds not just on the stage, but in the subtle signals of competition, collaboration, and brand presence woven throughout the floor. The recent AMI Single Serve Coffee Conference underscored how even modest investments in visibility—like a well-placed sponsorship or a ubiquitous lanyard—can transform perception and spark…

Read More
Oscar Martin Interview – AMI Single Serve Tampa -2026
April 8, 2026

The single-serve coffee industry is at a pivotal moment, where convenience and sustainability are no longer competing priorities but parallel expectations shaping innovation. At gatherings like the AMI Single Serve Coffee Conference in Tampa, the conversation has clearly shifted from abstract goals to tangible, commercially viable solutions—especially in the realm of compostable and recyclable packaging….

Read More
AMI
Martyna Fong – AMI SIngle Serve Coffee Conference – Tampa, 2026
April 8, 2026

At the close of day one at the AMI Single Serve Coffee Conference in Tampa, a cautious industry narrative began to shift toward renewed optimism. What many had feared was a stagnant K-Cup market revealed instead a quiet but meaningful evolution—one driven not by volume, but by premiumization. As Martyna Fong highlighted, growth is…

Read More
Related
AI
Software & Technology
Power, Pressure, and Precision: What It Takes to Keep AI Online 24/7
April 8, 2026
AI data center
Healthcare
Power, Cooling, and Risk: What It Takes to Bring a 100MW AI Data Center Online
March 28, 2026

The industry knows how to build data centers. What it’s still figuring out is how to turn on AI factories at scale. With facilities now crossing 100 megawatts—far beyond the 5 to 10 megawatt norm of traditional builds—operators are no longer just validating equipment. They’re testing whether entire systems—power, cooling, controls, and the teams behind…

Read More
private equity
Healthcare
How AI Is Transforming Private Equity Deal Evaluation and Portfolio Strategy
March 13, 2026

Artificial intelligence is rapidly transforming how organizations evaluate risk, analyze markets, and drive operational efficiency. In financial services alone, global AI spending is projected to surpass $97 billion by 2027, reflecting how deeply data-driven technologies are reshaping decision-making. For private equity firms—where hundreds of potential investments may be screened each year—the ability to analyze information…

Read More