In recent months, a string of high-profile cyberattacks has shaken the retail world, revealing a growing threat that extends far beyond large corporations. Brands like Adidas, Marks & Spencer, and Victoria’s Secret have all been targeted, but the ripple effects of these attacks should concern anyone who runs a website, especially small business owners and bloggers.
In May 2025, Adidas confirmed a data breach caused by an attack on a third-party customer service provider. Hackers accessed names and email addresses of customers who had reached out for support. Although no payment information was taken, the incident highlights how vulnerable even basic contact data can be when handled by external vendors. This is particularly worrying for anyone relying on outsourced services like chatbots, helpdesks, or customer relationship platforms.
Earlier in the year, Marks & Spencer was hit by a cyberattack that disrupted their website, click-and-collect system, and in-store payments. The damage was extensive, with reported losses of up to £300 million and a massive decline in their market value. Around the same time, Victoria’s Secret was forced to take its website offline due to a security incident, causing issues with orders and payroll, although specific details of the breach were not made public and leaving us all exposed…
These companies have entire IT departments, yet they still fell victim to major disruptions. For smaller online operations, SMEs, etc, the consequences of a similar attack could be catastrophic.
These attacks serve as a wake-up call. Many bloggers and independent business owners mainly rely on third-party tools for hosting, payments, newsletters, or customer service. Each of these points can become a vulnerability if the provider is compromised.
If your website is attacked or taken offline, even briefly, it can mean lost income, broken trust with your audience, and long-term damage to your online reputation. Unlike big retailers, most smaller operations don’t have the resources or backup plans in place to bounce back quickly.
If you run a blog or small website, now is the time to strengthen your digital defences. Here are a few suggestions:
1. Keep your software and plugins up to date: outdated systems are often exploited. Yes it’s a pain, but let it update as soon as you see the notification and use the opportunity to go for a walk round the block or make a brew. If you have staff, make sure they all do this as well.
2. Back up your website regularly: both locally and on the cloud, so you can restore it quickly if anything goes wrong.
3. Review your third-party providers: check their security policies, and choose only those with strong reputations.
4. Train yourself and any collaborators: on basic cybersecurity practices, like spotting phishing emails or securing logins.
5. Have an incident response plan, even a simple one, so you know what to do if your site is compromised.
This is another reason why having a good web dev team behind you is essential. They are experienced in what you do. For our part, we cannot thank our team in the USA enough – their moitoring systems run 24 x 7 so they are immediately notified of any problems.
The cyberattacks on Adidas, Marks & Spencer, and Victoria’s Secret are part of a growing trend that is no longer just a problem for big business. Anyone with a digital presence is at risk, and bloggers and independent website owners need to be especially vigilant. Taking a few preventive steps now could save you a huge amount of trouble later.
Cybersecurity is no longer optional. It is an essential part of running anything online in today’s digital world.
If you need any suggestions on people to talk to, do reach out.