A digital alert icon over glowing binary code represents a cyber security threat or data breach.

The Biggest UK Cyber Attacks of 2024 to Date

When over 500 potential threats are being clocked every second, according to BT data, it’s no wonder cyber security is a high priority for organisations. 

There is a rising cyber threat to our digital economy and this has been acknowledged by the UK government. In the King’s Speech earlier this year, it was highlighted that more needs to be done to secure the UK’s cyber defences and the new Cyber Security and Resilience Bill will aim to tackle this growing issue.

Let’s take a look at the biggest cyber attacks that have made the news in 2024 so far.

Company: Southern Water

Month of cyber attack: February | Industry: Essential Services

What happened?

On 12 February 2024, Southern Water announced that data from a limited part of their server estate had been stolen following an illegal intrusion into their IT systems. This incident was discovered during an ongoing investigation into suspicious activity.

Who was affected?

Southern Water’s operations and services to customers were not affected by the cyber attack but a data breach did occur.

The breach affected some of Southern Water’s customers, as well as current and former employees. Approximately 5-10% of their customer base was notified that their personal data might have been impacted.

Company: The Billericay School

Month of cyber attack: May | Industry: Education

What happened?

During the half-term holiday in May 2024, The Billericay School in Essex experienced a significant cyber attack. The school’s IT systems were compromised, leading to a “critical incident” where sensitive data was potentially accessed by unauthorised individuals.

Who was affected?

The breach affected students, parents, and staff. The names, addresses, and medical notes of students, as well as contact details of parents and carers, were potentially accessed by the attackers. The school had to close temporarily to address the issue.

Figures from the Information Commissioner’s Office reveal that in the education and childcare sector, 347 cyber incidents were reported in 2023, a shocking 55% increase from 2022. These statistics highlight a growing threat to the education sector and the increasing importance for schools and colleges to enhance their cyber security solutions.

Company: NHS

Month of cyber attack: June | Industry: Healthcare

What happened?

On 3 June 2024, Synnovis, a pathology laboratory that processes blood tests for several NHS organisations, primarily in South East London, was targeted by a ransomware attack. The attack was carried out by a cyber criminal group who claimed to have stolen and published sensitive data from Synnovis’ systems.

Who was affected?

The breach potentially impacted patients whose blood tests were processed by Synnovis. The stolen data included sensitive patient information, although the full extent of the data compromised is still under investigation. The attack caused significant disruption to blood testing services in South East London, leading to delays and rescheduling of some medical appointments.

Company: CrowdStrike

Month of cyber attack: July | Industry: Technology

What happened?

On 19 July 2024, CrowdStrike, a cyber security company, released a faulty update to its Falcon Sensor security software.

This update caused widespread issues with Microsoft Windows computers running the software, leading to a massive IT outage.

Who was affected?

The outage had a broad impact, approximately 8.5 million Windows devices worldwide experienced crashes and were unable to restart properly. Airlines, hospitals, banks, and governmental services experienced significant disruptions to their services.

For example, UK GP services lost access to patients test results and appointment information, causing major disruption to services.  

Although it has not been quantified yet, the financial damage from this incident is estimated to run into the billions.

Company: Transport For London (TfL)

Month of cyber attack: September | Industry: Transport

What happened?

On 1 September 2024, Transport for London (TfL) detected suspicious activity on their IT systems. This led to the discovery of a significant cyber attack that involved unauthorised access to customer and staff data.

Immediate action was taken by TfL and an investigation was launched in collaboration with the National Crime Agency and the National Cyber Security Centre.

Who was affected?

TFL have announced that nearly 5,000 customers have been impacted by the data breach, confirming that customer names and contact details were accessed. With the possibility that bank account numbers, sort codes and Oyster card refund data may have also been accessed.

Letters have been posted to these customers detailing the attack, but despite the breach, the physical TfL transport services have been unaffected by this cyber attack.

What should I do if my details have been compromised in a data breach?

If your data is accessed by a cyber criminal in a data breach, it’s crucial to act quickly to minimise potential damage.

Steps to action if your data has been compromised:

  1. It’s vital that you change your passwords for all affected accounts, and consider using a password manager to create strong, unique passwords.
  2. You must ensure two-factor authentication (2FA) is enabled wherever possible. This acts as an essential layer of security for all of your accounts.
  3. It is advised that you monitor your financial accounts and credit reports for any unusual activity. If you spot a suspicious transaction, you should immediately report this to your bank or credit card company.
  4. Stay informed about the breach and follow any additional recommendations from the affected company or cyber security experts.
How can cyber attacks and data breaches be prevented?

To help prevent your organisation from falling victim to a cyber attack and suffering a data breach, you must implement robust cyber security solutions, ensure your systems have on-going monitoring and you should provide regular cyber security training for your team.

Organisations should be doing everything they can to secure their systems and data. Having the appropriate processes in place is also important when it comes to getting ISO27001 accredited and in doing so, this will provide certainty to other businesses and individuals that you are adhering to data protection standards.

We are proud that in 2024 Sharp UK’s IT Services Division have been re-certified for ISO27001, demonstrating our ongoing commitment to protecting both our and our clients’ data.

A quick guide to preventing cyber attacks:

If the situation arises, where you do fall victim to an attack and experience a data breach, ensuring you have a Backup and Disaster Recovery plan in place will help you to recover data and limit operational disruption.

You might be interested in the new Cyber Security and Resilience Bill