A series of recent cyberattacks targeting South African businesses has highlighted the growing vulnerability of SMEs, particularly those operating in the retail and e-commerce space. That’s according to cybersecurity firm J2 Software, which says small businesses can no longer rely on basic compliance measures to protect themselves.
One of the most prominent recent breaches involved e-commerce retailer OneDayOnly, which was targeted by the hacking group Kill Security (KillSec) in late 2024. The attackers reportedly gained access to customer contact information, account data and stored payment details from the company’s cloud storage. A ransom of $100,000 was allegedly demanded to prevent the release of the data online.
Another data breach, this time involving Claim Expert – a service provider previously contracted by Pick n Pay – exposed personal data of over 100,000 individuals. While the breach occurred at Claim Expert, its connection to a major retailer placed the incident in the public spotlight, raising concerns about supply chain cybersecurity risks.
J2 Software said these incidents underscore a key point: SMEs are increasingly becoming targets of cybercrime but often lack the internal resources to manage cybersecurity risk effectively.
“Cyber threats are not limited to large corporations,” said John Mc Loughlin, CEO of J2 Software. “Small and medium businesses are often more vulnerable because they don’t have the in-house capacity to build or manage advanced cyber defences.”
According to J2 Software, one cost-effective way for SMEs to enhance their protection is by using managed cybersecurity services. These services can provide access to enterprise-grade tools and expertise without the cost of building and staffing internal security teams.
“Through outsourcing, SMEs can gain continuous visibility into their security posture, benefit from real-time threat detection, and meet compliance requirements,” Mc Loughlin said.
The company said its offering includes capabilities such as deception technology, intrusion detection, vulnerability assessments and threat dashboards—designed to offer scalable protection for growing businesses.
“With the rise of data breaches in South Africa, cybersecurity is no longer optional. For SMEs, managed services offer a practical and scalable way to protect digital assets without overspending,” Mc Loughlin added.
