Cyber Attacks Could Stifle Online Demand From The Under-35s
UK retail sales volumes saw a return to very slight growth last year, but concerns are growing that high-profile cyber attacks targeting major retailers will undermine the fragile gains seen so far this year. Top retailers on both sides of the Atlantic, from Marks & Spencer (M&S) and Harrods in the UK, to Ahold Delhaize USA and Pandora's U.S. operations, have been targeted by ransomware and other attacks, driving down consumer confidence as shoppers worry about their data being stolen.
M&S, with sales of £13.9 billion ($18.9 billion) in the year to March 2025, issued a £300 million ($407 million) profit warning in May due to the impact of its cyber attacks, and has only recently restored its online services. The retailer's share price is down by 7.7% since the announcement, highlighting the significant impact of these attacks on consumer confidence.
However, it appears that younger generations are taking the threat of retail data breaches most seriously. A survey conducted by London-based data and analytics house GlobalData, covering 2,000 U.K. respondents in July, shows that four out of every five (79%) of those aged 25-34 were most worried about personal data security when shopping online.
Across all age groups, the concern about personal data security dropped to 69% of consumers. This worry is driving indecision, with one third of 16-34s telling GlobalData they are considering "cutting back or stopping" online purchases, compared to just 11% of over 55s. This puts retailers under increasing pressure to improve their systems and restore digital trust with younger shoppers.
"This is especially the case for online pure-plays, which cannot redirect sceptical consumers to stores," said Emily Salter, GlobalData's lead retail analyst. "Younger shoppers also place more emphasis on experiential shopping, so this, combined with security concerns, could push them into stores."
However, while younger consumers are taking the threat of cyber attacks seriously, they are still prioritizing convenience when it comes to online shopping. Salter noted that "the convenience associated with the online channel will still trump security concerns for most consumers."
But this convenience-driven approach could have significant implications for retailers, particularly those operating in a precarious U.K. retail market where sales volumes have not returned to 2022 levels. According to Britain's Office of National Statistics (ONS), retail sales volumes rose by 0.7% in 2024, following a fall of 2.9% in 2023 and 4.1% in 2022.
Even with modest, low single-digit growth predicted for retail sales, further data breaches could have a negative impact on this trend. Online spending has not been affected yet, with sales values rising by 3.3% when comparing the second quarter with the first quarter. However, as Salter noted, "Younger consumers are more concerned about retailers storing their payment details, and think they are not doing enough to protect their private information when shopping online."
Paying with mobile wallets and third-party providers such as Apple Pay and PayPal is a way that consumers can avoid having to give their details directly to retailers. As such, store owners must ensure their websites and apps are compatible with these payment methods, which are especially popular among under-35s.