FOI reveals increase in cyber breach incidents reported to FCA by brokers
A Freedom of Information request by Insurance Age has revealed that the number of cyber breach incidents reported to the Financial Conduct Authority has increased for insurance intermediaries but dropped for regulated firms altogether.
The authority explained that it held records of material operational incidents reported directly by individual firms including any incidents that were a result of cyber-attacks.
The number of cyber breaches reported by insurance intermediaries rose from 12 in the financial year of 2020/21 to 15 in 2021/22.
Even though it was only a small increase it was the first in a couple of years with the 2019/20 figure also having been 12.
Despite the uptick the most recent result was still below the 22 reported breaches in 2018/19.
Overall
The amount reported to the watchdog by the sector overall, including general insurers, aggregators and brokers, in 2021/22 was 20 meaning that the majority of cyber incidents were aimed at intermediaries last financial year.
The total was down from 26 the year before but overall the numbers for the width of the insurance market have remained consistent. The highest result was 28 in 2018/19 with the lowest being 16 in 2019/20.
The response to the FOI detailed that the number of cyber incidents reported for all FCA regulated firms in 2021/22 was 98. This was a sharp drop from 153 in 2020/21.
For the entirety of regulated firms the figures have fluctuated year-on-year with 138 reported in 2018/19 and a low of 113 in 2019/21.
Confirmed cyber incidents and costs
There has been a series of high-profile cyber incidents involving general insurance brokers in recent years.
In February, Aon confirmed a cyber incident that impacted a limited number of systems. The firm stated that its ability to serve clients was not damaged by the event. The global giant did not confirm at the time of the attack whether its UK general insurance broking was affected.
In September last year, DNA Insurance confirmed that a number of phishing emails were sent from a staff member’s account. No other accounts across the group were compromised. And in May 2021 One Call fell victim to a ransomware incident.
Verlingue reported in July 2022 that a cyber attack which happened in November 2021 cost the business £121,807. The attack cost £363,161 but was mitigated by cyber insurance over.
Previously, in 2020, both Ardonagh Group and Gallagher were hit by separate attacks which saw Ardonagh take remedial action and Gallagher take some systems offline for a period.
For all the latest industry news direct to your inbox, sign up for our daily newsletter.
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@insuranceage.co.uk.
You are currently unable to print this content. Please contact info@insuranceage.co.uk to find out more.
You are currently unable to copy this content. Please contact info@insuranceage.co.uk to find out more.
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Printing this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@insuranceage.co.uk
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Copying this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@insuranceage.co.uk