Hacked retailers have exposed 280 million email accounts since 2020

Breaches in retail have led to at least 280 million email accounts being exposed since 2020, and over a quarter of those affected were Americans, research by Surfshark reveals.
The retail sector, which faces some serious cyberattacks, accounts for at least 8% of all global data breaches.
The US was affected the most by retail breaches, with over 80 million users compromised. That translates to 237 accounts breached per 1,000 Americans, Surfshark found.
“The US is followed by India, Russia, and Indonesia, each of which has also experienced significant impacts. These countries faced retail breaches compromising over 20 million email accounts each, with breach rates of 19, 75, and 173 accounts breached per 1,000 individuals, respectively,” the report reads.
However, the largest single breach in recent years happened in Indonesia, when the country’s tech giant Tokopedia was hacked in April of 2020. During the incident, 70 million accounts were compromised.
The second largest hack affected the world's largest eyewear company, Luxottica. In March 2021, over 60 million accounts were exposed. Third up, in October of 2021, cybercrooks targeted the Indian online grocery company BigBasket, which resulted in 20 million email accounts, mostly from India, being compromised.
“As the festive season unfolds and Christmas shopping takes center stage, it becomes imperative to navigate the digital landscape with caution,” Surfshark warns.
Criminals often use compromised accounts to target online shoppers. Since 2019, 1.7 million online shopping fraud cases have been reported in the US, and roughly half of the victims encountered financial losses totaling $1.45 billion.