ICO sees breach reports from FS firms triple

UK financial services firms reported 640 cyber security breaches to the Information Commissioner’s Office in the year to 30th June 2023, representing a threefold increase on the 187 cyber security breaches in the previous period, according to research conducted by law firm RPC.

The pensions sector reported the biggest jump in breaches, rising from six in 2021/22 to 246 in 2022/23 – a staggering 4,000% increase.

Whilst it is not very clear if these numbers reflect a rise in incidents, or merely in the reporting of them to the ICO, the numbers should still ring alarm bells for the pensions sector in particular.

Richard Breavington, partner and head of cyber and tech insurance at RPC said that for pension schemes in the UK, trustees can be held liable for failure to manage cyber risk appropriately.

"Cyber security is fundamental to pension scheme trustees' legal duties. It’s a cause for concern that so many financial services firms, especially pension schemes, have suffered some form of cyber attack, resulting in a data breach,” he said.

“The assumption might sometimes be that major financial services businesses have robust cyber defences so that they are impervious – that certainly hasn’t stopped hackers continuing to try.”

    Share Story:


Deborah Ritchie speaks to Chief Inspector Tracy Mortimer of the Specialist Operations Planning Unit in Greater Manchester Police's Civil Contingencies and Resilience Unit; Inspector Darren Spurgeon, AtHoc lead at Greater Manchester Police; and Chris Ullah, Solutions Expert at BlackBerry AtHoc, and himself a former Police Superintendent. For more information click here

Modelling and measuring transition and physical risks
CIR's editor, Deborah Ritchie speaks with Giorgio Baldasarri, global head of the Analytical Innovation & Development Group at S&P Global Market Intelligence; and James McMahon, CEO of The Climate Service, a S&P Global company. April 2023