Global retailers recorded 215 incidents of data breaches in 2016, according to Gemalto's Breach Level Index.
Across all industries in the Asia Pacific, there were 145 reported incidents, equating to 8% of overall breaches.
A whopping 44 of these were in Australia and with mandatory reporting not currently in effect, the numbers just represent the tip of the iceberg.
Gemalto ANZ regional director Graeme Pyper said retailers need to raise their game to meet new legislative standards.
"Encryption and authentication are no longer ‘best practices’ but necessities.
"This is especially true with new and updated government mandates like the upcoming General Data Protection Regulation (GDPR) in Europe, U.S state-based and changes to Australia’s mandatory data breach notifications.
"But it’s also about protecting your business’ data integrity, so the right decisions can be made based on accurate information, therefore protecting your reputation and your profits."
He said there have been a number of developments in the hacker space.
“The Breach Level Index highlights four major cybercriminal trends over the past year.
"Hackers are casting a wider net and are using easily-attainable account and identity information as a starting point for high value targets.
"Clearly, fraudsters are also shifting from attacks targeted at financial organisations to infiltrating large data bases such as entertainment and social media sites.
"Lastly, fraudsters have been using encryption to make breached data unreadable, then hold it for ransom and decrypting once they are paid."