Cyberside Chats: Cybersecurity Insights from the Experts

Retail breaches are back — but they’ve evolved. This isn’t about skimming cards anymore. From ransomware taking down pharmacies to credential stuffing attacks hitting brand loyalty, today’s breaches are about disruption, trust, and third-party exposure. In this episode of Cyberside Chats, hosts Sherri Davidoff and Matt Durrin break down the latest retail breach wave, revisit lessons from the 2013 “Retailgeddon” era, and highlight what every security leader — not just in retail — needs to know today.

Key Takeaways

1. Redefine what “sensitive data” means. Names, emails, and access tokens are often more valuable to attackers than payment data.
2. Scrutinize third-party and SaaS access. You can’t protect what you don’t know is exposed.
3. Monitor and protect customer-facing systems. Logging, anomaly detection, and fast response are essential for accounts and APIs — especially when attackers target credentials.
4. Test your incident response plan for downtime. Retail isn’t the only sector where uptime = revenue and lives impacted.

Resources

2025 Verizon Data Breach Investigations Report: https://www.verizon.com/business/resources/reports/dbir/

Victoria’s Secret security incident coverage: https://www.bleepingcomputer.com/news/security/victorias-secret-takes-down-website-after-security-incident/

LMG Security: Third-Party Risk Assessments: https://lmgsecurity.com/third-party-risk-assessments/