Financial data belonging to as many as 52.8million individuals was compromised in cyber attacks in the UK in the year to 30 September 2023) a 90% increase on the 27.8m compromised in the previous year, according to data from Chaucer.

Based on declarations to the ICO by organisations that suffered a cyber attack, the number of data breaches reported involving the loss of financial data, such as credit card or bank account details, has also increased, from 1,374 in 2021/22 to 1,536 in 2022/23 (to end March)

Commenting on the figures, Ben Marsh, deputy class underwriter at Chaucer, said: “The sheer number of items of sensitive data being compromised in attacks is very concerning – especially since the maturity of corporate cyber security defences have dramatically improved in the last three years.

“Even with all these improvements, the cyber threat continues to evolve at a rapid pace, and malicious actors continue to have the upper hand – the theft of such huge amounts of sensitive data is a reflection of this. We’re seeing this now in an ever-increasing rate of ransomware attacks against networks as criminals seamlessly adopt modern malware toolsets as a method of generating revenue.”

ICO data shows an increase in successful cyber attacks against financial services providers, increasing from 259 in 2021/2022 to 722 in 2022/2023 (to end June). The Pensions Ombudsman recently revealed that it had to notify up to 17,500 individuals in an investigation into a potential data breach.

---