UK consumers now view the prospect of having their data stolen in a retail cyber attacks as almost inevitable, but retailers who act swiftly and with integrity are more far likely to regain trust and emerge with “Brownie points”.
That is according to a new study by the Retail Technology Show, which reveals one in three consumers have been affected by retail cyberattacks in the past twelve months.
The research, which quizzed over 1,000 shoppers, highlighted that over a third (36%) of customers were warned by retailers that their data had been compromised, rising to over half (53%) for Gen Z shoppers.
It also showed that 33% of consumers were told by stores that their personal information had been stolen and a further 30% reported that their passwords had been breached.
RTS founder and event director Matt Bradley said: “As the cyber threat continues to rise, consumers now see it as a case of ‘when, not if’ retailers might be hacked.
“And, increasingly, they accept that both retailers and shoppers have a role to play to prevent cyber incidents.”
According to the study, cyberattacks have risen by 129% in the past year, with the National Cyber Security stating it had handled four major incidents a week in 2025, this included the attack on M&S, which was forced to stop trading online for nearly four months, the Co-op, and Harrods.
Over three-quarters (76%) of shoppers view cybercrime as a threat to retail firms and a similar proportion (77%) believe retailers should invest more into keeping customers and businesses safe from cybercrime.
However, half (47%) of respondents admit they aren’t always “security savvy” when shopping online and 52% say they reuse the same passwords across multiple accounts.
The research also reported that while 44 per cent of consumers said cyber-attacks reduced their trust in brands, 67 per cent stated that they would continue shopping at retailers who quickly resolved the issue.
Two-thirds also said that open, honest conversations after the incident would help to regain their trust.
Bradley concluded: “The rising prevalence of cybercrime means customers are now more sympathetic to brands when hacks occur and, as we saw in the case of M&S last year, will rally to support the retailer in the aftermath – but only as long as the retailer acts quickly and with integrity.”
Related stories
Ransomware fine fuels security warning to all UK firms
M&S faces £300m hit as cyber attack fall-out continues
M&S emails 9.4m customers to warn them of data loss
M&S facing ‘unprecedented’ hack attack class action
Govt wades in as Co-op and M&S cyber attacks escalate
Ransomware victims who pay up are nearly all hit again
