Cyberattacks targeting major UK retailers are expected to result in double-digit increases in cyber insurance premiums, reversing a period of declining rates.

The retail sector, which had benefited from falling premiums in 2023 and early 2024, now faces heightened scrutiny from insurers following significant breaches at companies including Marks & Spencer (M&S), Harrods, and the Co-op.

Retailers face rising cyber insurance costs after high-profile breaches

Insurers are reassessing cyber risk in the retail sector after a series of sophisticated attacks.

M&S experienced a major system outage, reportedly losing over £40 million in online sales, and may claim tens of millions of pounds for business interruption. The Co-op confirmed a data breach affecting numerous customers.

These incidents have prompted insurers to consider rate increases of up to 10% for retail clients, with some warning of potential withdrawal from the sector due to escalating risks.

Social engineering tactics exploit IT help desks

Investigations revealed that attackers impersonated employees to deceive IT help desks into resetting passwords, granting them access to internal networks.

The UK’s National Cyber Security Centre (NCSC) has advised organisations to revise help desk protocols to prevent similar breaches.

A group named DragonForce claimed responsibility for attacks on M&S, the Co-op, and Harrods, alleging theft of staff and potentially 20 million customer records.

Government urges stronger cyber resilience amid increasing threats

The UK has experienced a significant increase in “nationally significant” cyberattacks, with 200 incidents recorded since September—double the number from the same period the previous year.

The NCSC reports that among these, 12 attacks were at the most severe level. Recent high-profile attacks have affected companies like M&S, the Co-op, and Harrods, mostly linked to ransomware groups such as Scattered Spider and DragonForce.

The government is exploring policies to ban ransom payments in critical industries.

As the retail sector grapples with these challenges, insurers are likely to adjust premiums to reflect the heightened risk environment.

Organisations are encouraged to strengthen their cybersecurity measures to mitigate potential threats and manage insurance costs effectively.