Cybercrime is on the rise. Whether you're managing a retail or charity store, cyberattacks are no longer a matter of if but when. The UK Cyber Security Breaches Survey 2025 paints a clear picture:
- 43% of UK businesses and 30% of charities experienced a cyberattack in the past 12 months. That’s approximately 612,000 businesses and 61,000 charities.
- Among medium to large organisations, the threat is even more pronounced:
  - 67% of medium businesses
  - 74% of large businesses
The Most Common Threats in 2025
The nature of cyberattacks is evolving. Criminals are taking advantage of tools like AI to enhance the scale, believability, and damage of their attacks.
1. Phishing
Phishing remains the most common attack method, affecting 85% of UK businesses, according to the Cyber Security Breaches Survey. These emails are increasingly hard to detect, often written using AI and impersonating senior colleagues or suppliers.
“We’re seeing AI impersonation and deepfake voice notes targeting internal comms. One team member nearly authorised a payment based on a faked voicemail.”
– Large Retail Chain IT Manager, quoted in GOV.UK 2025 Cyber Survey
2. Ransomware and Business Email Compromise
Ransomware attacks are becoming more complex, with attackers using double and triple extortion tactics. This means they not only lock your systems but also threaten to leak or sell your data if their demands aren't met.
3. Supply Chain Vulnerabilities
Many charities and retailers rely on third-party suppliers for core services. If even one link in that chain is compromised, it can create serious downstream effects on operations and security.
The Cost of Cyberattacks
The financial impact of a cyber breach is far more than a temporary disruption.
| Organisation Type | Average Cost of Most Disruptive Breach |
|---|---|
| Small Business | £1,600 |
| Charity | £3,240 |
| Medium or Large Business | £8,260 per breach |
| Serious Breach (Medium Org) | £4.3 million |
Ransomware and Phishing – Two Sides of the Cyber Threat Facing Retailers and Charities
In early 2025, a major high-street fashion retailer suffered a crippling ransomware attack that brought their point-of-sale systems to a standstill across 180 store locations. The outage lasted four days, resulting in approximately £7 million in lost sales and the exposure of over 200,000 customer records. The breach was traced back to a compromised supplier login, which attackers used to gain unauthorized access to the retailer’s systems.
Just weeks later, a UK-based charity focused on homelessness support fell victim to a targeted phishing scam. Fraudsters created a spoofed payment page that redirected online donations, leaving the organisation with over £25,000 in recovery costs. Donors had to be notified, and the charity was forced to overhaul its security systems. Investigations highlighted internal training gaps and the absence of multifactor authentication as major contributing factors.
These two incidents, though in very different sectors, underscore the growing need for robust cybersecurity practices across all types of organisations, regardless of size or mission.
What You Can Do Right Now
- Review staff training — phishing emails are still the most common way in.
- Check your backups — make sure they're recent and tested.
- Limit system access — use role-based permissions and 2FA wherever possible.
- Audit your tech stack — ensure suppliers follow best security practices.
- Talk to your tech partners — ask how they're helping you stay secure.
At Cybertill, we understand the specific needs of retailers and charities. That’s why our systems are built with robust security measures and compliance as standard.
Secure Cloud Infrastructure
All data is encrypted and securely hosted in the cloud, reducing the risk of local hardware attacks and allowing for rapid disaster recovery.
Role-Based Access and Two-Factor Authentication
Granular permissions mean only the right people have access to sensitive information. Built-in two-factor authentication further reduces risk.
Real-Time Patching and Software Updates
Our systems are continuously monitored and updated with the latest security protocols, helping to close vulnerabilities before they’re exploited.
Why your till operating system matters in the fight against cyber-threats
In our previous section we covered the growing volume of cyberattacks targeting retailers and charities, including phishing, ransomware and supply-chain vulnerabilities. But there’s another layer to your defence posture that often gets overlooked: the operating systems behind your checkouts and tills.
If your till systems are still running on an unsupported OS, you’re essentially handing attackers an open door. That’s why the team at Cybertill has published a timely warning: “Important Notice: Upgrade Your Till OS Before 2026”.
Here’s how it ties into the broader cyber-risk landscape:
- Security patches stop = vulnerabilities multiply. In the notice we learn that versions such as Windows 10 Enterprise LTSB will no longer be supported after October 2026. Once the updates stop, attackers know exactly which holes to exploit.
- Compliance falls away. Unsupported OS versions can raise red flags when it comes to payment-card-industry requirements (PCI-DSS) and other regulatory frameworks.
- Operational disruption becomes more likely. When a till OS is compromised (especially one without ongoing support), you may face outages, data breaches or integrity failures. Given the statistic earlier that 43% of UK businesses and 30% of charities experienced an attack in the last year, the risk is real.
- It’s not just about “nice-to-have” upgrades. Early planning matters.
What to do next:
- Review all your till systems and identify the OS version. Are you still on LTSB, or an unsupported version?
- If you’re using a version set to reach end-of-life in 2026, engage with your EPOS/retail platform provider now about a migration plan.
- Build the upgrade into your operational and security roadmap, so it doesn’t become a last-minute scramble.
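One way to carry out the first step across an estate of Windows tills, shown as an added example (not Cybertill's own tooling). It assumes the tills are reachable over WinRM from an admin workstation; the hostnames and the CSV file name are hypothetical placeholders.

```powershell
# Added example: inventory till operating systems and flag LTSB installs.
# Assumption: WinRM/CIM remoting is enabled on the tills and you run this
# with an account that is allowed to query them.
$Tills = @('TILL-001', 'TILL-002', 'TILL-003')   # hypothetical hostnames

$report = foreach ($till in $Tills) {
    try {
        $os = Get-CimInstance -ClassName Win32_OperatingSystem `
                              -ComputerName $till -ErrorAction Stop

        # LTSB editions carry "LTSB" in the OS caption. The build number alone
        # is not enough, because other editions share the same builds.
        $isLtsb = $os.Caption -match 'LTSB'

        [pscustomobject]@{
            Till    = $till
            Caption = $os.Caption
            Version = $os.Version
            Build   = $os.BuildNumber
            Status  = if ($isLtsb) { 'LTSB: raise with EPOS provider' }
                      else         { 'Check vendor support lifecycle' }
        }
    }
    catch {
        # A till that cannot be queried is a finding too: it still needs
        # a manual check before it can be ruled out.
        [pscustomobject]@{
            Till    = $till
            Caption = $null
            Version = $null
            Build   = $null
            Status  = "Unreachable: $($_.Exception.Message)"
        }
    }
}

# LTSB and unreachable tills sort apart from the rest for quick triage.
$report | Sort-Object Status, Till | Format-Table -AutoSize

# Keep a dated record to attach to the migration plan.
$report | Export-Csv -Path ".\till-os-inventory-$(Get-Date -Format yyyyMMdd).csv" -NoTypeInformation
```

Tills that do not report LTSB still need their version checked against the vendor's support dates; the script only separates the case the notice names from everything else.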
To read the full upgrade advisory and plan your next steps, see the Cybertill notice “Important Notice: Upgrade Your Till OS Before 2026”.
At Cybertill, we pride ourselves on cybersecurity, which is why we achieved Cyber Essentials Certification. This marks a significant step forward in strengthening our cybersecurity posture and aligns with our long-standing commitment to protecting the sensitive data entrusted to us by our customers and partners.
Our journey doesn’t stop here. Over the next 90 days, we’ll be working toward Cyber Essentials Plus, a more advanced certification that involves in-depth technical audits, vulnerability scans, and real-world attack simulations carried out by independent assessors. You can read more about it here.
Contact the Cybertill team to learn how our secure, cloud-based solutions can help protect your business while streamlining day-to-day operations.