Research shows 38% of retail sector compromises now involve credential theft, surpassing payment card data breaches
KnowBe4, the world-renowned cybersecurity platform that comprehensively addresses human risk management, today released its “Global Retail Report 2025,” revealing a notable shift in cybercriminal tactics targeting the retail sector. The report finds that credential harvesting, which is often orchestrated through phishing attacks, has become the predominant threat, accounting for 38% of all compromised data in 2023, while payment card data theft dropped to 25%.
The research shows an alarming increase in cyberattacks in the retail sector, with attack frequency rising by 56% in 2023 compared to the previous year. This puts retail in the top five industries targeted by cybercriminals. The average cost of a retail data breach reached $3.48 million in 2024, an 18% increase from 2023.
Key findings from the report include:
- Credential theft now accounts for 38% of all compromised data, while payment card theft dropped to 25%, making credential harvesting the leading threat in retail cyberattacks.
- North America’s retail sector experienced the highest percentage of attacks (56%), while Latin America saw the second most at 32%, and Europe experienced 11% of attacks.
- The U.S. retail sector accounted for 45% of global ransomware attacks despite representing only 28% of market share, making retail the second most targeted sector.
- Conducting security awareness training and simulated phishing evaluations for one year or more can reduce the likelihood of employees falling for phishing attacks for organizations of all sizes.
The report demonstrates the significant impact of security awareness training on reducing human risk in retail organizations. Employee susceptibility to phishing attacks dropped from 42.4% to just 5.2% in large retail organizations, while small and medium-sized retailers saw similar improvements, with rates dropping to 4.7% and 4.5% respectively after one year of continuous training.
“Our research reveals a critical shift in how cybercriminals are now prioritizing credential theft over payment card data,” said Stu Sjouwerman, CEO of KnowBe4. “Stolen credentials allow immediate access to personal accounts, bypassing security measures like passwords and two-factor authentication. The good news is that organizations implementing frequent security awareness training are seeing dramatic improvements, demonstrating that human risk management must be a core component of any retail organization’s security strategy.”
To download the full KnowBe4 Global Retail Report 2025, click here.