Carpetright cyberattack reiterates the importance of cybersecurity investment

April 25, 2024

35 4 minutes read

Untitled design6 — carpetright shutterstock 1051473950.jpg

Customers were unable to place orders through the company’s 400 stores or website for nearly a week. Credit: steved_np3 via Shutterstock.

Carpetright, a leading flooring retailer in the UK, was unable to process online or in-store orders for nearly a week due to a cyberattack.

Hackers targeted the company’s head office, deploying malware to gain unauthorised access to systems.

The attack significantly impacted Carpetright‘s operations. Customers were unable to place orders through the company’s 400 stores or website for nearly a week.

Additionally, the malware reportedly affected internal systems, with employees facing difficulties accessing payroll information.

According to Carpetright, the attack was contained before any customer or employee data was compromised. However, the incident highlights the growing threat of cyberattacks in the retail sector.

Industry analysts at leading data and analytics company GlobalData believe the cyberattack on Carpetright underscores the critical need for retailers to prioritise cybersecurity investments.

Access the most comprehensive Company Profiles
on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free
sample

Your download email will arrive shortly

We are confident about the
unique
quality of our Company Profiles. However, we want you to make the most
beneficial
decision for your business, so we offer a free sample that you can download by
submitting the below form

By GlobalData

Tick here to opt out of curated industry news, reports, and event updates from Retail Insight Network.

Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

“The impact this attack has had on Carpetright’s current orders and its future reputation has come at a very inopportune time for the retailer,” said Matthew Walton, senior retail analyst at GlobalData.

“The floorcoverings market at the moment is very challenging – GlobalData forecasts that the market will contract by 2.5% in the first half of 2024. The negative impact of this attack may also encourage more shoppers to switch to other retailers including its closest rival Tapi, rather than wait for Carpetright to be able to process orders.”

Walton emphasised that cost-cutting measures shouldn’t come at the expense of cybersecurity.

“Like many retailers, Carpetright has taken steps to reduce its costs recently to navigate a challenging big-ticket market and has already reportedly hired Teneo to explore possible cuts. However, this shows that whatever challenges retailers are under, they cannot afford to cut back on is cybersecurity.”

GlobalData’s reference to Thales‘ 2022 Data Threat Report further strengthens the point. The report found that nearly half (45%) of retail respondents experienced an increase in cyberattacks, with over a third (32%) having already suffered a security breach.

The Carpetright incident serves as a stark reminder for retailers of all sizes. Robust cybersecurity measures and investments are no longer optional; they are essential for protecting business operations, customer data, and brand reputation.