The 2023 Data Breach Investigations Report (DBIR) Retail Snapshot analyzed 16,312 security incidents, with 5,199 confirmed breaches. The retail sector remains a prime target for cybercriminals, with 94% of breaches involving external actors, primarily for financial gain. The top attack methods include system intrusion, social engineering, and web application attacks, with ransomware and stolen credentials playing significant roles. Payment card data remains a key target, with 70% of breaches originating from web applications. The report urges retailers, especially those in e-commerce, to enhance security measures, comply with PCI DSS 4.0, and strengthen protection against credential theft and malicious scripts.

Join for free to read