SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
Story image
#
Ransomware
#
Supply Chain & Logistics
#
Cybersecurity

Retailers urged to strengthen cybersecurity after global attacks

Wed, 4th Jun 2025
Author image
By Shannon Williams, Journalist

Retailers worldwide are under intensifying pressure following a spate of high-profile cyber attacks, with recent incidents affecting global brands such as Adidas, Victoria's Secret, Cartier and North Face. Security experts warn these events are a stark reminder of the growing cyber risks faced not only by large multinational corporations but across the entire commercial landscape.

The latest wave of breaches has prompted urgent calls for increased vigilance and robust cyber security measures, particularly regarding third-party suppliers and the broader supply chain ecosystem. Siân John, chief technology officer at the cyber security consultancy NCC Group, emphasised the critical importance of supplier oversight in the wake of the Adidas incident, which was traced to an intrusion via a third-party customer service provider.

"Although it is unclear who is responsible for the Adidas attack, it has been confirmed that it originated through a third-party provider. This demonstrates how critical it is for organisations to have oversight of their supplier cyber security posture. Global brands are only as strong as their weakest link, so they must collaborate with partners and suppliers to build a robust ecosystem around them," John stated.

John further urged organisations to reassess their cyber security measures continuously, both internally and across their supply chains, acknowledging the rapidly evolving nature of cyber threats. She advised: "Even if they believe they are secure, with methods of attacks constantly changing, it is key that organisations are agile, and review their measures on a regular basis to adapt to ongoing threats. There should be thorough vetting at the outset of supplier relationships, with reviews throughout to avoid unknowingly leaving themselves open to attack."

The ramifications of these breaches are not limited to behind-the-scenes technical work; the disruption extends to employees, customers and broader business operations. Tim Rawlins, senior adviser and director of Security at NCC Group, commented on Victoria's Secret's recent cyber incident, noting both the complexity of recovery efforts and the company's transparent communications.

"Victoria's Secret has warned that its cyber security incident could take a while to resolve. Having assisted many organisations globally, we know that the impact of a cyber attack can be complex, and the recovery process takes time. By communicating clearly with customers and stakeholders, Victoria's Secret has shown it is dealing with the incident properly," Rawlins said.

He pointed out that the incident has affected office functions, staff IT services, in-store systems, and online platforms. "This is a reminder to businesses of how wide-reaching the fallout can be, especially for global and interconnected businesses. Halting operations, rather than rushing to bring them back online, is crucial to ensuring patches, recovery efforts, and strengthened cyber security are effective in the long run."

Recent weeks have seen several retail businesses targeted, with data from NCC Group showing that the 'consumer discretionary' sector, which includes retail, was the second most targeted industry for ransomware attacks globally in April 2025. Rawlins acknowledged the particular risk for retail: "It's a sector where disruption hits fast and hard, and attackers know it."

New breaches at luxury retailer Cartier and outdoor brand North Face have added to concerns. Ade Clewlow MBE, associate director and senior advisor at NCC Group, described the current volume of attacks as the new norm, not an aberration. "While the onslaught of cyber attacks dominating headlines may feel unprecedented, this is the reality we face daily in today's threat landscape. The risks go far beyond high-profile retail breaches – in fact, industrials, not retail, was the most targeted sector in April, accounting for 32% of all recorded attacks."

Clewlow warned that cyber criminals are deploying sophisticated social engineering tactics and weaponising new technologies, with last year recording the highest number of ransomware incidents ever. "And it's not just major corporations under threat. Cyber attacks have become a top concern for business leaders across every sector and size. The answer isn't panic – it's preparation. Organisations must double down on proactive cyber security strategies. In today's environment, prevention isn't just better than the cure, it's the only viable defence."

As businesses continue to navigate an increasingly perilous digital environment, experts agree that constant vigilance, comprehensive supply chain risk management, clear stakeholder communication and ongoing investment in cyber defences are vital to limiting the impact of future breaches.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Fortinet boosts workspace security suite with AI & new tools
Rapid7 Q1 2025 incident response findings
Exclusive Networks names Burachai Phaiboonnukulkij Thailand lead
EDDIESTEALER Rust malware mimics CAPTCHA to steal credentials
AI agent adoption rises among IT security leaders in ANZ
Top stories
Mary Yang appointed Chief Marketing Officer at SquareX
Exclusive: Why Cyberattacks on Aussie businesses are becoming more advanced
Okta launches enhanced data recovery for Australia
Exclusive: Commvault on cyber resilience as the new battleground for enterprise data
Gallagher Security hosts record-breaking user event in Adelaide