Fashion Retail: Why cyber security can’t be an afterthought.

High-profile breaches at fashion leaders like Dior and M&S offer a clear signal: the sector is being actively targeted by cyber criminals. The stakes have never been higher. 

Recent attacks on major retailers have caused widespread disruption, exposing the fragility of digital operations and third-party supply chains. As retail brands move at pace with innovation, expanding e-commerce, automating logistics, and scaling global footprints, security must be embedded at every level of the business. 

Why Fashion is Being Targeted 

Fashion retailers are attractive targets for threat actors due to: 

• Large volumes of customer and payment data 

• Complex global supply chains 

• Heavy reliance on third-party platforms 

• High-value brand reputations, vulnerable to public breaches 

  
  

The Dior attack which originated from a logistics partner, illustrates how indirect access points are increasingly being exploited. 

The Cost of Downtime 

A successful breach doesn’t just impact systems. It affects trust, operations, and the bottom line: 

• Brand damage and negative media coverage 

• Operational disruption and missed sales windows 

• Exposure to regulatory penalties (GDPR, PCI-DSS) 

• Long-term loss of consumer confidence 

  
  
  
  

How to safeguard against attacks 

Our co-founder and partner Daryl Flack was featured in a recent @voguebusiness article ‘Fashion under Fire: How can retail fend off cyber attacks’?  

He recommends segmentation of IT systems and a zero trust approach for retailers.

“Ensure any identified security holes are patched up quickly. Attackers will target organisations where they know that there are known vulnerabilities that haven’t been patched yet”.   He also advised to invest in good backups. “They’re the things that save you if you’re under a ransomware attack. Once you’ve contained the breach and cleansed it all, you need to be able to restore from backup. Use different technology for backups to the core IT system and make sure some are offline”, he adds. 

Other critical areas to focus on are: 

1. Vendor Risk Management Assess and secure your entire supply chain. Require minimum security standards from all third parties. 

2. Workforce Readiness Equip employees to spot phishing and social engineering attempts. Regular training is essential. 

3. Zero Trust Frameworks Assume breach. Restrict access. Monitor continuously. Trust is earned, not granted. 

4. Incident Preparedness Simulate attacks. Know your response playbook. Time is critical during an incident. 

5. Ongoing Threat Intelligence Stay ahead of evolving threats with real-time insights tailored to your sector. 

6. Enhanced Monitoring Collect more frequent, real time metrics about the operating system to sport for anomalous activity.

7. Two Factor Authentication Reduce the risk of unauthorised access, even if an attacker has compromised the user's password. 

   
   

Read the full article in Vogue Business, click here: Fashion under fire: How can retail fend off cyber attacks? by Megan Tatum May 22, 2025.