Retail Cyberattacks Are on the Rise — How Secure Is Your Supply Chain?
Over the past few months, a wave of cyberattacks has shaken the UK and European retail sector, exposing vulnerabilities in even the most established household names. In April, Marks & Spencer was hit by a ransomware attack traced to a third-party vendor, causing major disruptions to online orders, payment systems, and customer services. The breach exposed personal data such as names and contact details, with some services only recovering six weeks later and estimated losses reaching up to £300 million.
Soon after, the Co-operative Group confirmed data theft following IT shutdowns, and Harrods and H&M were also affected by suspicious activity and service outages. As more incidents come to light, it’s no surprise that data security has become a top concern across the sector.
In this article, let’s dive into why retail and supply chains are increasingly targeted by cybercriminals, the consequences these attacks can have, and the steps retailers and tech providers can take to strengthen defences and restore confidence.
Why Retail and Supply Chains Are Prime Targets
Retailers sit on vast volumes of valuable data and operate through complex webs of internal systems and third-party vendors, making them a goldmine for attackers. Many of the recent breaches exploited vendor access or impersonated internal support processes. For instance, attackers in the M&S case used social engineering tactics to trick helpdesk staff into granting system access.
The operational impact is huge. Marks & Spencer's multi-week disruption reportedly cost it hundreds of millions in lost revenue and market value. Co-op’s IT shutdown led to empty shelves and manual workarounds in stores. Even when customer payment data isn’t stolen, the trust damage and business interruption can be severe.
Retailers now account for 11% of all victims listed on data leak sites in 2025, up from 8.5% in 2024. Meanwhile, 43% of UK businesses reported experiencing a cyber incident this year, equivalent to approximately 612,000 organisations, according to the UK government Cyber Security Breaches Survey 2025.
Strengthening Defences: Best Practices for Prevention
So, how can retailers and supply chain partners protect themselves?
For long-term protection, experts recommend that retailers develop a comprehensive cybersecurity framework that includes:
Zero Trust Architecture: Implement a model where no entity, whether inside or outside the network, is trusted by default, requiring continuous verification of user identities and device integrity.
Regular updates and patches: Maintain up-to-date hardware and software, replacing end-of-life equipment and applying timely patches to close vulnerabilities.
Employee training: Educate staff on recognising phishing attempts, using strong passwords, and following secure data handling procedures.
Data encryption and backup: Keep all data encrypted and regularly back it up in secure cloud storage to minimise the impact of potential breaches.
Two-factor authentication: Implement multi-factor authentication for all systems containing sensitive data to add an extra layer of security
Retailers also need to ensure their partners — including suppliers, logistics firms, and software providers — meet high data protection standards.
How Kwayga Protects Sourcing & Supplier Data
At Kwayga, we’ve recently had several supermarket partners ask about how we manage data security — particularly in light of this growing industry concern. While Kwayga does not integrate directly with internal retailer systems, we do manage sourcing activity, supplier profiles, and communication data — all of which are critical to buying operations.
We recognise the importance of protecting data — both for our business and for our clients — and we follow strict security protocols based on industry best practices. This includes end-to-end encryption for all data in transit and at rest, secure authentication methods, and access controls that enforce the principle of least privilege. This principle ensures that a user or entity should only have access to the specific data, resources and applications needed to complete a required task. Our infrastructure is hosted within the EU, and only a small number of vetted employees have access to production environments — all protected with multi-factor authentication. Regular audits, penetration testing, and secure development practices ensure vulnerabilities are addressed proactively.
Ultimately, our approach is designed to give our customers peace of mind — so they can focus on sourcing the right suppliers, not worrying about data exposure.
The bottom line? Cybersecurity is no longer just an IT concern — it’s a board-level priority. Retailers and their technology partners must work together to build resilience against the growing wave of digital threats. Those that lead on data protection will not only reduce risk, they’ll win trust and competitive advantage in the long term.
