Cyberattacks Wreaking Havok on Holiday Sales

Cyberattacks prove problematic for retail sales.
Cyberattacks prove problematic for retail sales.

As the festive season unfolds and holiday shopping takes center stage, navigating the digital landscape with caution becomes imperative.

Since 2020, the retail sector has faced serious cyberattacks, resulting in breaches that impacted 280 million email accounts, making up at least 8% of all global data breaches, according to a recent study by Surfshark. The study highlights the most significant retail breaches of this decade and identifies the countries that have experienced the highest numbers of data leaks.

“Retail breaches have exposed a serious vulnerability in the digital landscape, affecting major players like Tokopedia, Luxottica and BigBasket. The United States faces the brunt of this cyber challenge, with over 80 million users compromised since 2020. At one breached account per four Americans, the impact is significant, urging both businesses and individuals to enhance their online defenses,” explains Agneska Sablovskaja, Lead Researcher at Surfshark, in a news release.

Biggest Retail Breaches Since 2020

The study found that the most significant publicly confirmed data breach in the retail industry since 2020 occurred in April 2020, affecting Tokopedia. As one of Indonesia’s leading tech unicorns and the country’s largest online store, Tokopedia fell victim to a cyberattack resulting in the compromise of 70 million user accounts, the company states.

The second-largest retail breach unfolded in March 2021, affecting Luxottica, a global leader in the eyewear industry and a prominent creator of glasses and prescription frames. Luxottica boasts ownership of renowned brands such as Ray-Ban, Oakley, Chanel, Prada, Versace, Dolce and Gabbana, Burberry, Giorgio Armani and Michael Kors, among others. This breach exposed over 60 million accounts, leaving a significant impact, particularly felt in the U.S., according to Surfshark.

In October 2021, the third significant breach targeted BigBasket, an Indian online grocery company. This breach compromised 20 million email accounts, with a predominant impact on nearly 90% of its Indian users. Based in Bengaluru, the company receives funding from major entities such as Alibaba Group, Mirae Asset-Naver Asia Growth Fund and the UK government-owned CDC Group, the company states.

Global Retail Cyberattack Landscape

Leading in the number of reported retail data breaches since 2020, the U.S. has witnessed over 80 million users compromised, accounting for 28% of the global total. This translates to a breach density of 237 for every 1,000 Americans. India follows with 27 million email accounts affected by retail breaches, contributing over 9% to the global count. The breach density stands at 19 for every 1,000 individuals in the country, according to Surfshark.

Russia has also felt the impact of retail data breaches, with over 25 million email accounts compromised, making up nearly 9% of the global count. The breach density in Russia is 173 accounts for every 1,000 Russians. Indonesia follows suit, experiencing breaches that affected almost 21 million accounts since 2020, constituting over 7% globally. The breach density in Indonesia is recorded at 75 accounts for every 1,000 Indonesians, the company states.