
Retail Cybercrime Surge: Credential Theft Tops Payment Data Risks

A recent study from KnowBe4 reveals that cybercriminals are increasingly targeting personal credentials, with credential theft overtaking traditional payment data theft as the primary form of attack.

According to the “Global Retail Report 2025” by KnowBe4, credential harvesting—primarily executed via phishing attacks—accounted for 38 percent of all compromised data in 2023. In contrast, the theft of payment card data dropped to 25 percent. This shift comes amid a significant surge in cyberattacks on retailers, which have increased by 56 percent over the past year, placing the retail industry among the top five most targeted sectors.

Stu Sjouwerman, CEO of KnowBe4, emphasized the evolving threat landscape:
“Our research reveals a critical shift in how cybercriminals are now prioritizing credential theft over payment card data. Stolen credentials allow immediate access to personal accounts, bypassing security measures like passwords and two-factor authentication,” Sjouwerman said. He noted that organizations investing in regular security awareness training have seen dramatic improvements, underlining that managing human risk is essential to any robust security strategy.

The report also highlights that the retail sector’s vulnerability is compounded by consumer behavior. With over 62 percent of purchases made via credit or debit cards, retailers collect vast amounts of personally identifiable information (PII), including names, addresses, and purchasing histories. This wealth of data makes retail a particularly attractive target for cybercriminals, who are now further empowered by advanced AI tools that simplify sophisticated intrusion methods.

Regional disparities were evident in the findings, with North America experiencing the highest percentage of cyberattacks at 56 percent, followed by Latin America at 32 percent. In Europe, cyberattacks accounted for 11 percent of the total. Notably, the U.S. retail sector, despite representing only 28 percent of the market share, accounted for 45 percent of global ransomware attacks, marking it as the second most targeted sector globally.

The report advocates for a reduction in “human risk” factors through continuous employee education on phishing tactics and other cyber threats. Retailers that conducted security awareness training and simulated phishing evaluations for at least a year saw the susceptibility rate among employees drop dramatically—from 42.4 percent to just 5.2 percent in large organizations, with similarly impressive declines in small and medium-sized retailers.

As the digital landscape continues to evolve, these findings underscore the urgent need for retailers to bolster their cybersecurity measures. Enhancing workforce education and deploying advanced threat detection systems remain critical to mitigating the financial and reputational damage of cyberattacks.
