Follow on Google News
Co Op Cyberattack: 64% Phishing Surge Among Businesses as Other Cyber-Threats Decline, Report Finds
The Co-op recently revealed that a cyber-attack in April cost the retailer more than £206m in lost sales, disrupting payments, leaving shelves empty, and exposing the data of its 6.5 million members. And it’s not an isolated incident. Marks & Spencer, Harrods, and Jaguar Land Rover have all suffered major breaches this year, costing over £500million, underlining the rising cost of cybercrime in 2025.
Interested in the stats, analysis by Digital PR agency Reboot Online of ICO data shows just how widespread the problem is becoming. With half of UK businesses reporting an attack in the past year, the findings highlight which sectors are most at risk, how reporting lags leave firms vulnerable, and which cyber threats are growing the fastest.
Key findings:
- 14% of all incidents were not reported until more than one week after
- The marketing sector reported the largest growth of cyber security incidents at +190%
- Phishing reports increased the most of all incidents by 64% – an average of 12 per day
You can find the full dataset here.
_____________________________________________________________________________
Which cybersecurity incident had the biggest increase in reports last year?
| Incident | Number of cases reported in 2023* | Number of cases reported in 2024* | 2023-2024 percentage change | |
| 1 | Phishing | 2053 | 3366 | 64% |
| 2 | Malware | 395 | 362 | -8% |
| 3 | Ransomware | 3460 | 3011 | -13% |
| 4 | Brute force | 311 | 212 | -32% |
| 5 | Unauthorised access | 323 | 177 | -45% |
| 6 | Denial of service | 6 | 1 | -83% |
The ICO received 3,366 reports of phishing between January 2024 and September 2024 – the equivalent of 12 phishing incidents a day. Compared to 2023, it represents a 64% increase in year-on-year phishing incidents.
In second place there were 362 cases of malware. Despite this, it was an 8% fall from 2023, where there were 395 malware incidences.
At the other end in sixth place is denial of service, as the ICO was alerted to one occurrence of the attack in 2024, compared to the six reported in 2023.
Which industry has seen the biggest increase in cyber security incidents?
| Sector | Number of cases reported in 2023* | Number of cases reported in 2024* | 2023-2024 percentage change | |
| 1 | Marketing | 40 | 116 | 190% |
| 2 | Membership association | 117 | 215 | 84% |
| 3 | Social care | 153 | 266 | 74% |
| 4 | Justice | 6 | 10 | 67% |
| 5 | Health | 396 | 643 | 62% |
Reboot Online found that the marketing sector reported the largest year-on-year percentage growth for cyber security incidents. With an additional 76 reports in the first three quarters of 2024, there was a 190% increase compared to those in 2023.
The membership association saw the second largest growth from 2024, with 84% more reports at 215. While social care reported 266 incidents in 2024 – up 74% in the first three quarters of 2023
Which industry has seen the biggest decrease in cyber security incidents?
| Sector | Number of cases reported in 2023* | Number of cases reported in 2024* | 2023-2024 percentage change | |
| 1 | Media | 47 | 15 | -68% |
| 2 | Regulators | 15 | 8 | -47% |
| 3 | Finance, insurance and credit | 1310 | 790 | -40% |
| 4 | Local government | 505 | 381 | -25% |
| 5 | General business | 250 | 209 | -16% |
Media reported the largest decrease in cyber security incidents, with 68% fewer than in 2023 – down to just 15 reports.
Regulators reported 47% fewer incidents in 2024, while finance, insurance and credit noted 40% fewer.
How long did it take businesses to report incidents?
| Time Taken to Report | Number of cases reported in 2023* | Number of cases reported in 2024* | 2023-2024 percentage change | |
| 1 | 24 hours to 72 hours | 3629 | 4558 | 26% |
| 2 | 72 hours to 1 week | 1771 | 1744 | -2% |
| 3 | Less than 24 hours | 1507 | 1320 | -12% |
| 4 | More than 1 week | 1474 | 1269 | -14% |
Digital PR agency Reboot Online discovered that during the first three quarters of 2024, the majority of incidents were reported between 24 and 72 hours after the breach – up 26% from 2023 – accounting for 51% of all reports.
Thankfully there was a 14% reduction in the number of reports made by businesses more than one week after the incident occurred, claiming 15% of all reports. However, there was also a 12% decrease in those made within 24 hours.
Venky Sundar, Founder and President of Indusface explains why cyber security training is so important for businesses:
“With data breaches costing businesses an average of $4.45 million globally in the last year, it raises the question of just how critical it is for organisations to provide employees with comprehensive training on what constitutes sensitive data and how they can protect it, as well as what is at stake if they do not adhere to the policies.
“And training doesn’t have to be monotonous, for example setting up phishing email simulators to engage the team and allow them to see the potential dangers in action. These simulations show how quickly and easily attacks can happen, helping employees develop practical, hands-on skills for spotting suspicious activity.
“Cybersecurity threats evolve constantly, so training should be regular, not a one-time event. Regular training and guidance will ensure that employees receive tailored guidance on securing their work equipment, home offices, use of VPNs, and recognising the unique threats posed by both in-office and home working environments.”
_____________________________
Latest Posts
- Coaching Centre Firing Case: Khan Sir Gets Interim Relief, Investigation Continues
June 9, 2026 | Breaking News, India, Politics - Looki Expands Into Southeast Asia, Showcases AI Wearable Technology at SuperAI Singapore 2026
June 9, 2026 | AI & ML, Artificial Intelligence, Press Release, Technology - Studio De Schutter Unveils Immersive Lighting Design for Tonhain Music Studio and Concert Venue in Berlin
June 9, 2026 | Entertainment, Press Release, World - WellSpan Health Reports 66% Reduction in Workplace Violence Following Systemwide Safety Initiative with Canopy
June 9, 2026 | Health, Press Release, World - Global Nuclear Weapons Spending Hits Record High in 2025 Amid Rising Global Tensions: ICAN & SIPRI Reveal
June 9, 2026 | Breaking News, Politics, World - Donald Trump Officially Nominates Ex-Personal Lawyer Todd Blanche as Permanent Attorney General of the United States
June 9, 2026 | Breaking News, Politics, World - Israel Carried out 3,500 air strikes, Hundreds of Demolition Since the US-mediated Ceasefire : Lebanese Prime Minister Nawaf Salam
June 9, 2026 | Breaking News, Politics, World - Earthquake Strikes Western Cuba
June 9, 2026 | Breaking News, World - Historian MyNaa Swamy traced ‘Konidela’ Inscription at Tadipatri Temple
June 8, 2026 | Featured by VoM, History, India - Grass Valley Appoints Sam Craig as Vice President, Global Pre-Sales
June 8, 2026 | Breaking News, Press Release, World