January 22, 2026 The rise of interconnected supply chains is leaving the retail and wholesale industries vulnerable to increasingly sophisticated cyberattacks, according to a new report from Black Kite. The report, titled “2026 Wholesale & Retail Report: Cyber Exposure in the Age of Digital Supply Chain Attacks,” reveals how hackers exploit shared vendors and IT systems, making these two sectors prime targets for widespread disruption.
Ferhat Dikbiyik, Chief Research & Intelligence Officer at Black Kite, emphasized that the true threat to these sectors lies in their shared supply chain, not just the physical infrastructure. “The bottom line is that wholesale and retail’s greatest risk is their shared supply chain, and as we have seen time and time again, just one vulnerability in a common vendor can create systemic impact affecting both simultaneously,” Dikbiyik stated.
This interdependence between wholesale and retail is now a focal point for cybercriminals who view both industries as part of a unified target. The report highlights the need for businesses to adopt more advanced third-party risk management strategies to address these vulnerabilities.
According to the findings, the rise in cyber threats has been accompanied by widespread credential theft. Over 70 per cent of major retailers, nearly 60 per cent of wholesalers, and 52 per cent of supply chain entities have exposed credentials. This widespread vulnerability has left companies open to attacks, with credentials often being the first access point for threat actors.
In terms of ransomware, the report shows that 17 per cent of ransomware victims in the retail sector had revenues exceeding $1 billion, indicating that large corporations are high-value targets for cybercriminals seeking extortion opportunities. On the other hand, 39 per cent of wholesale ransomware victims had revenue in the mid-market range of $20M to $100M, with attackers targeting smaller enterprises for a higher volume of breaches.
A key finding of the report is the vulnerability of critical supply chain vendors, with 42 per cent exposed to at least one flaw listed in the CISA Known Exploited Vulnerabilities (KEV) Catalog. These vulnerabilities are actively being exploited by ransomware groups, creating a ticking time bomb for companies that fail to address them.
As the cyber risk landscape continues to evolve, Black Kite urges businesses to prioritize securing their shared supply chains and improving third-party risk management. By focusing on identifying and addressing the weakest points within their ecosystems, companies can minimize the potential damage from these growing cyber threats.
