Skip to content
MarketScale
‹ Back to IndustriesSoftware & Technology

Why Are Ransomware Attacks on Retail So Common?

We’ve all seen those suspicious emails that show up in our inboxes: “Is this picture of you?” they’ll ask, as we hover over that link for just a moment. Now more than ever, companies are aware and preparing for digital threats and data breaches. Despite that, or perhaps because of it, year after year both…

This story was produced through MarketScale. See how Software & Technology teams put it to work with Executive Thought Leadership.

By Daniel Litwin · CybersecurityItPhishingRansomware
Share

Key takeaways

01

We’ve all seen those suspicious emails that show up in our inboxes: “Is this picture of you?” they’ll ask, as we hover over that link for just a moment.

02

Now more than ever, companies are aware and preparing for digital threats and data breaches.

03

Despite that, or perhaps because of it, year after year both…

We’ve all seen those suspicious emails that show up in our inboxes: “Is this picture of you?” they’ll ask, as we hover over that link for just a moment. Now more than ever, companies are aware and preparing for digital threats and data breaches. Despite that, or perhaps because of it, year after year both the amount and the sophistication of digital attacks increases. According to IBM’s 2022 report on the cost of a data breach, the global average cost for a data breach was a record-breaking $4.35 million, a figure that’s risen nearly 13% just in the last year. For ecommerce and big box retailer professionals who might be wondering, do these trends match up to the data behind ransomware attacks on retail?

When it comes to who bad actors are targeting, it seems more are turning to the retail industry as an industry ripe for exploitation. Research out of cybersecurity and device data privacy firm BlackFog, which catalogs the rate of retail sector cybersecurity breaches yearly, found that ransomware attacks on retail increased by 67% in 2022, year-over-year. Compared to 2020, the increase was even more substantial, growing by 233%.

Daniel Pigeon, the senior product marketing manager at Cyberint, explains why ransomware attacks on retail might be growing in prominence and where hackers are finding vulnerabilities to take advantage of.

Daniel’s Thoughts:

“In 2022, the retail industry was the third most targeted industry for ransomware attacks, and 14% of all ransomware attacks that the Cyberint team observed were on retail industry organizations. So, this raises an important question, which is why are threat actors in ransomware groups targeting the retail industry?

From our research at Cyberint, we believe that there’s two primary reasons. First of all, when threat actors target and attack retail industry organizations, they don’t receive nearly as much negative attention from the media or from law enforcement as when they attack other industries such as healthcare, education, government, and critical infrastructure.

The second reason is that retail industry companies tend to have a weaker cybersecurity posture compared to other industries like technology, banking and insurance. This makes the retail industry a great target as threat actors don’t need to put in as much effort to compromise their victims. We’ve seen threat actors with a relatively low level of sophistication successfully compromise and attack retail industry companies.

The main attack vectors that we’re seeing are vulnerability exploitation of old and unpatched software, phishing attacks that target both the retail organization’s employees as well as the retail organization’s customers, and finally malware: specifically, a type of malware called infostealers, which steal credentials and other sensitive data from the victim’s browser.”

Article written by Graham P. Johnson.

About the author

Daniel Litwin
Daniel LitwinEditor, B2B Media, MarketScale

Daniel Litwin is a journalist of multiple disciplines focused on finding and telling engaging stories for B2B communities. He has interviewed executives from Fortune 500 companies including Honeywell, Microsoft, John Deere, and Chipotle, and leads editorial direction at MarketScale. Litwin hosts weekly shows and podcasts while helping develop new content approaches across the MarketScale platform. He holds a B.J. in Radio/Television Reporting/Anchoring and a B.A. in Spanish from the University of Missouri-Columbia.

Software & Technology: are you visible to AI?

Before they reach out, Software & Technology buyers ask AI engines which vendors to trust. See how AI describes your company today, and where competitors show up instead.

Free workspace

You just read one expert. Imagine publishing your whole team.

This article was produced through MarketScale. Create a free workspace and turn your own team's expertise into articles, video, and social posts. No credit card, no demo required.

NPS +73 · 1,000+ creators · 38+ countries

What you get, free

Your own MarketScale Studio workspace
One video edit a month, on us
AI writing, editing, and publishing tools
In-platform coaching to learn the system

More Software & Technology Insights

Nvidia's Next AI Rack Costs Nearly Double the Last One, and Memory Is Why. What Infrastructure Buyers Should Budget For.

Nvidia's Next AI Rack Costs Nearly Double the Last One, and Memory Is Why. What Infrastructure Buyers Should Budget For.

Nvidia's next-generation Vera Rubin rack will cost hyperscalers $7.8 million—nearly double the prior generation—with memory now accounting for 25-30% of total cost instead of 5-10%. This shift signals that AI infrastructure budgeting must focus on total system cost rather than GPU pricing alone.

  • 01Memory costs jumped 435% to roughly $2 million per rack due to increased LPDDR5X capacity and 3D NAND storage, making it a strategic budget variable across all technology purchases
  • 02GPU share of bill of materials fell from 63% to 51% while memory rose to 25-30%, requiring infrastructure planners to model AI spend on total system cost not accelerator count
  • 03Memory supply constraints and tight availability now warrant the same scheduling and planning attention as GPU allocation, with procurement structure able to move final pricing by $1+ million per rack

Jul 6, 2026

Gemini 3.5 Pro Is Still in Preview Entering the Second Week of July. Here's What Enterprise Teams Evaluating a Model Should Do About It.

Gemini 3.5 Pro Is Still in Preview Entering the Second Week of July. Here's What Enterprise Teams Evaluating a Model Should Do About It.

Google's Gemini 3.5 Pro remained in limited preview into July 2026 due to token efficiency and reasoning performance concerns, signaling that enterprises must now evaluate AI models on cost-per-task rather than raw specs. Enterprise teams should architect workflows around stable API contracts, assess models by total operating cost, and hedge roadmaps with generally available alternatives rather than wait for unconfirmed vendor timelines.

  • 01Token efficiency has become a procurement metric for enterprises, as operating cost per completed task now matters more than benchmark scores or context window size
  • 02Enterprise teams should build against API interfaces rather than specific models to enable seamless model swaps at general availability with minimal rework
  • 03Hedging model strategy with generally available alternatives protects project delivery timelines when a vendor's release date remains uncertain

Jul 6, 2026

AI cost reality bites: Uber, Starbucks, and the enterprise ROI reckoning

AI cost reality bites: Uber, Starbucks, and the enterprise ROI reckoning

Uber and Starbucks faced significant challenges with their AI investments. Uber exhausted its entire 2026 AI budget within just four months, and Starbucks decided to discontinue its AI inventory system after only nine months. These experiences highlight the growing demand for verified return on investment in enterprise AI projects.

  • 01Uber used up its 2026 AI budget in four months.
  • 02Starbucks discontinued its AI inventory system after nine months.
  • 03Enterprises are now focused on confirming AI's ROI.

Jul 5, 2026

Explore More Software & Technology Insights

Read more expert perspectives from across Software & Technology.

Browse Software & Technology Hub

About the Expert

Daniel Litwin
Daniel Litwin

Editor, B2B Media

MarketScale

Daniel Litwin is a journalist of multiple disciplines focused on finding and telling engaging stories for B2B communities. He has interviewed executives from Fortune 500 companies including Honeywell, Microsoft, John Deere, and Chipotle, and leads editorial direction at MarketScale. Litwin hosts weekly shows and podcasts while helping develop new content approaches across the MarketScale platform. He holds a B.J. in Radio/Television Reporting/Anchoring and a B.A. in Spanish from the University of Missouri-Columbia.