Online retailers could lose $22.2 billion through severe data breaches each year, based on the average cost and frequency of cyberattacks in the ecommerce sector, research reveals.

• The U.S. ecommerce sector could lose $22.2 billion through severe data breaches each year, new research reveals.
• 51 percent of organizations have experienced a security incident during the last 12 months and can lose up to 7.3 percent of their net worth per incident.
• More than 10 percent of retail purchases are made online in the U.S. while ecommerce fraud attempts have risen by an estimated 18 percent this year so far.
• If impacted, Macy’s could lose a staggering $2.0 billion per incident, and Target could lose up to $4.6 billion in value.

New research, published by cloud solutions company iomart, analyses the financial impact of typical, severe and catastrophic data breaches to reveal what each breach could cost top companies and social media platforms.
How much each retailer stands to lose depends on how long it takes them to identify and then contain a breach, which correlates to the number of data records stolen—as outlined by IBM’s 2019 “Cost of a Data Breach Report.”
Online sales have grown 16.4 percent year-on-year in the U.S. since 2018. More than 10 percent of retail purchases are made online, resulting in the ecommerce market currently being worth an estimated $599 billion.
However, research reveals that an average of 51 percent of organizations experienced a cybersecurity breach each year while almost 90 percent of login attempts made on online retailers’ websites are actually hackers using stolen data.
If 51 percent of online retailers experienced a severe data breach and lost a subsequent 7.3% of their value, this would equal a momentous loss of $22.2 billion in the U.S. alone.
The biggest reason for data breaches in the ecommerce sector is flaws in payment systems. Shopify experienced a security flaw in an API endpoint last year that could have impacted more than 800,000 merchants in more than 175 countries.
With data breaches on the rise as a result of compromised security systems during the Covid-19 crisis, it has never been more important for online retailers to protect customers’ data.
Bill Strain, chief technology officer (CTO) at iomart, urges retailers to prioritize data security. He says, “These figures are a stark warning about the importance of investing in data protection.
Many smaller retailers wouldn’t survive the operational impact of a successful cyberattack, let alone the financial one of a punishing fine on top. Looking at your potential risk and knowing where your data is, controlling who has access to it and making sure it’s secure should be an absolute priority.
“It’s still the case that most cyberattacks start by exploiting our human vulnerability,” Strain adds. “By training staff to spot suspicious emails, login attempts or links, you can lock the front door and then use technological solutions to ensure the hackers can’t get in around the back.”
iomart also offers some tips on how online retailers can create an effective defense against such an attack:
• Keep IT systems and software up to date.
• Store sensitive data separately.
• Control users’ access and privileges.
• Secure the email gateway.
• Do regular off-site backups of your data.
• Provide regular security training for all staff.

To see the results of iomart’s “Dangerous Data: The Cost of a Data Breach” analysis, visit blog.iomart.com/cost-of-a-data-breach. Also visit ibm.com/security/data-breach to access IBM’s 2019 “Cost of a Data Breach Report.”