Black Kite Report: 70% of Retailers, 60% of Wholesalers Exposed to Credential Theft
Event summary
- Black Kite's 2026 Wholesale & Retail Report found 70% of major retailers, 60% of wholesalers, and 52% of supply chain vendors have exposed credentials.
- 42% of critical supply chain vendors are exposed to at least one vulnerability from the CISA Known Exploited Vulnerabilities (KEV) Catalog.
- 17% of retail ransomware victims had revenue over $1B, while 39% of wholesale victims were mid-market ($20M–$100M).
- Professional & Technical Services (793) and Information (705) vendors dominate the supply chain, totaling 1,498 companies.
The big picture
Black Kite's report highlights the growing threat of cyberattacks targeting the interconnected wholesale and retail sectors through shared supply chains. The findings underscore the need for unified defense strategies as attackers exploit vulnerabilities in common vendors, emphasizing the shift from physical to digital supply chain risks. The report's data on credential theft and ransomware victim profiles suggests a strategic focus on high-value extortion and volume-based attacks on smaller enterprises.
What we're watching
- Credential Theft
  - How the widespread presence of exposed credentials will drive ransomware attacks across interconnected wholesale and retail ecosystems.
- Supply Chain Vulnerabilities
  - Whether retailers and wholesalers can unify defense strategies to mitigate systemic risks from shared supply chain vulnerabilities.
- Regulatory Compliance
  - The pace at which companies will prioritize patching CISA KEV vulnerabilities to reduce financial and operational exposure.
