Pandora cyber attack highlights growing threat to ecommerce

The global jeweller, Pandora has recently fallen victim to a cyber attack — becoming the latest high-profile cyber incident. Other major retailers, such as M&S and the Co-op, were also hit with similar attacks earlier this year. 

The increase in cybercrime among these businesses has inevitably raised caution among consumers, with research from GlobalData revealing that worries over the issue have deterred young people from shopping online.

This could have a serious impact on ecommerce SMEs, who are often more vulnerable to these threats because they don’t typically have the resources for strong cybersecurity measures.

Pandora becomes the latest victim in cyber attack wave

Last week, Pandora confirmed that it had been hit by a cyber attack, with customer data being breached as a result. However, the company claimed that no confidential information, such as passwords and credit card details, was compromised.

A Pandora spokesperson told Forbes: “While incidents like these have unfortunately become increasingly common across industries, particularly among global companies, we take this matter very seriously. We are working closely with our supplier to investigate the incident thoroughly and to implement all necessary measures to ensure this does not happen again.”

Pandora has become the latest business hit by malicious cyber attacks. M&S reported a cyber breach in April, resulting in customer information being compromised. 

Major services, such as online orders and click-and-collect, were also paused. And even after the issue was resolved, online ordering didn’t resume until June. Its click-and-collect service had only just returned yesterday.

That same month, the Co-op also reported a cyber attack. At the time, CEO Shirine Khoury-Haq told the BBC that criminals had “accessed data relating to a significant number of our current and past members.” 

Online shopping fears hurting customer trust

While these incidents have since been resolved, it isn’t surprising that cybercrime fears are making consumers think twice about shopping online.

Young shoppers in particular are feeling the most concerned. According to statistics by GlobalData, one in five young consumers in the UK are considering reducing their online shopping for this very reason. 

33.5% of shoppers aged 16-24 reported that they were likely to reduce or completely stop online shopping, followed closely by 33.4% of consumers aged 25-34.

For Pandora, this could become a concern. The company had previously worked hard to appeal to Gen Z through new and updated pieces in its Pandora Me collection.

Emily Salter, Lead Retail Analyst at GlobalData, believes that the security of payment information is the leading concern for young shoppers. “Younger consumers are more concerned about retailers storing their payment details, and think that they are not doing enough to protect their private information when shopping online,” Salter comments.

How to protect your small business from cyber attacks

Smaller online stores can be much more vulnerable to attacks, due to their smaller cash reserves. Research by FLR Spectron reveals that UK SMEs faced over 200,000 cyber attacks between July and September last year — equating to one every 39 seconds. 

It was also reported that the seasonal slowdown in the summertime make July and August the prime time for cyber criminals to strike.

While small retail businesses may not have the same resources as brands like Pandora, it’s crucial to be proactive in ensuring the best cybersecurity, or risk devastating consequences.

Scheduling critical security updates before staff go on leave, such as during the Christmas holidays, and assigning certain people with responsibility for monitoring security, can help to protect business information from being compromised.

Other best practices include running a stress test to see how the business responds to an out-of-hours threat. Even something as simple as educating staff around securing confidential information while travelling or working remotely can make all the difference.

But your response after an attack can be just as important. Christoph C. Cemper, founder of AIRPM, advises that organisations should focus on transparency over protecting brand reputation, as the former can actually work to ensure the latter.

“Notifying consumers immediately and being transparent about any attacks is essential, as Pandora has demonstrated, and is in compliance with GDPR,” he says. “Retailers that delay informing customers risk further reputational damage and a loss of consumer confidence.”