Retail (NAICS 44–45)

Please provide the information below to view the online Verizon Data Breach Investigations Report.

The information provided will be used in accordance with our terms set out in our Privacy Notice. Please confirm you have read and understood this Notice.

By submitting the form, you are agreeing to receive insights, reports and other information from Verizon and affiliated companies in accordance with our Privacy Policy. California residents can view our California Privacy Notice.

Verizon may wish to contact you in the future concerning its products and/or services. If you would like to receive these communications from Verizon, indicate by selecting from the dropdown menu below. Please note that you can unsubscribe or update your preferences at any time.

Indicates a required field. The content access link will be emailed to you.

View only

Thank You.

Thank you.

You will soon receive an email with a link to confirm your access, or follow the link below.

Download this document

Thank you.

You may now close this message and continue to your article.

Frequency

 

725 incidents, 369 with confirmed data disclosure

Top patterns

 

System Intrusion, Social Engineering and Basic Web Application Attacks represent 92% of breaches

Threat actors

 

External (96%), Internal (4%) (breaches)

Actor motives

 

Financial (99%), Espionage (1%) (breaches)

Data compromised

 

Credentials (38%), Other (31%), Payment (25%), System (20%) (breaches)

What is the same?

 

The three attack patterns not only remained consistent but are even in the same ranked order as last year. Threat actors with a Financial motivation continue to target this sector.


Summary

While this industry is usually the place where we see Payment card data stolen, the focus of the threat actors has shifted to Credentials. Pretexting is also increasing, while Phishing has dropped. Denial of Service attacks remain a problem for Retail organizations, causing disruption to their ability to serve their customers and make sales.

The Retail sector is where we often find “Magecart” threat actors. They are particularly skilled at inserting malicious code into the e-commerce sites of retail entities to siphon off (usually) Payment card information. We saw roughly the same percentage of these kinds of attacks this year as we did last year (Figure 74). However, the type of data being compromised showed a surprising change.

With Credentials standing at 38% (very close to last year’s 35%) we didn’t expect to see Payment card data drop to 25% (from 37%). Now, we understand how attractive and useful Credentials are to your average threat actor, but we were stunned to see Payment card data, so useful for immediate fraud, drop so precipitously (Figure 75). As we have indicated before, we get the “what” of the changes in the data, but we do not always get the “why.” Is this a result of increased controls around the monetization of payment card data, making it harder for the criminals to use the data they have stolen? Or is it just that credentials are so much easier to steal? Either way, we will be interested to see if this is just a blip on the radar or an actual trend starting.

Data Breach Investigation Report figure 74
Data Breach Investigation Report figure 75

In social-related breaches, Pretexting has emerged triumphant over Phishing as the top social action. It is good to see that the threat actors were required to step up their game to successfully influence their chosen targets. Dare we hope it is because people are becoming better educated and thus able to resist the run-of-the-mill phishing efforts? A suspicious user community is a well-protected user community.

With regard to incidents, Denial of Service continues to represent a serious problem. While these attacks rarely result in confirmed data breaches, they do come with potentially serious disruption of the organization’s ability to function. We also saw Ransomware-related incidents continue to decline as they have since 2021.

Let’s
connect

Call Sales
877-297-7816

Have us contact you
Request a call

Call for Public Sector
844-825-8389