How we Compile the Cyber Attack and Data Breach List

01 Jun 2022

Cyber attack and data breach list 2022 – what, why and how?

cyber target wallpaper

Published on

Bob Nicolson | Head of Consultancy

Why do we make the list?

We have recently began documenting all UK cyber attacks and data breaches.

Early in 2022 I sat down to do some research for a client who wanted to know the prevalence of cyber attack in their industry in the UK.  I expected it to be a 30 minute job, a quick final task before heading for the day.  Four long hours later I regretted my earlier promise of delivery before the end of play.  To my astonishment and frustration there just wasn’t a list of UK cyber attacks to be found – ANYWHERE!

That’s when the idea to create a definitive list of UK cyber attacks and data breaches was born.

I could see the benefits to clients, security professionals and students alike.  A source of information when having discussions with internal stakeholders, a view of the ever evolving threat landscape, and an illustration of how or how not to manage the public relations side of incident response.

And some five months later we are ready to go.

How do we make the list?

What became immediately clear that fateful evening was that to list every cyber attack and data breach in the UK on a monthly basis would be no easy task.  As both were getting more prevalent, so the disclosure was getting more obscure.  Small cyber breaches are often only reported in local press, and there are a plethora of digital, global and national sources to incorporate as well. 

In the end we had to bring in about 10,000 feeds for the full picture, and condense it down with some AI, a bit of text based logic and a great deal of human analysis!  It’ll definitely be a while before the machines take over….

What’s the criteria for inclusion?

We filter news stories on the following basis:

  • We filter news stories on the following basis:
  • The incident is either a cyber attack or a data breach
  • The first reported date was the in current month
  • The impacted company is registered in the UK, or it is otherwise obviously in the UK

Feedback ?

If you have any feedback, or you think we have missed an incident, I would be delighted to hear.  Please email me on the address below.

To view the full list of Uk data breaches and cyber attacks please follow this link.

Published on

Bob Nicolson | Head of Consultancy