Nearly two dozen companies have been hacked in cases similar to the Target breach and more almost certainly will fall victim in the months ahead, the FBI recently warned retailers, according to an official who was not authorized to speak publicly. The names of all of the compromised firms have not been revealed, nor is it clear how many shoppers have had their credit card numbers and other personal data stolen.

Banks, retailers and policymakers have been slow to address the growing sophistication of cybercriminals. Only 11 percent of businesses have adopted industry standard security measures, said a recent report by Verizon Business Solutions, and outside experts say even these “best practices” fall short of what’s needed to defeat aggressive hackers lured by the prospect of a multimillion-dollar heist.

“You’re going to see more and more people trying this,” said Nicolas Christin, a security researcher at Carnegie Mellon University. “If you just saw your neighbor win the lottery, even if you weren’t interested in the lottery before, you may go out and buy a ticket.”