Home / News & Resources / Hayes Connor in the news / Insurance Sector is Being Targeted By Data Hackers

Insurance Sector is Being Targeted By Data Hackers

  • Posted on

This study offers some useful insights into how data hackers target particular sectors of the economy. It is worth noting that Health is the top target and insurance brands who partner with the NHS and its many outsourced, and in-house, rehab services should note the risks involved. Here’s the word;

Ongoing data published by the Information Commissioner’s Office reveals that the finance, credit, and insurance sector is one of the top offenders for data breaches. A recent study from leading UK data breach solicitors, Hayes Connor, has uncovered the industries most affected by data breaches. They analysed the ICO’s ongoing data security report, which shows how businesses have been conforming to GDPR since its inception.

The findings have revealed the sectors with the highest percentage of data breaches since the ICO began recording their data in 2019. The worst affected sectors, as well as the percentage of data breaches associated with this industry, are:

1. Health, 19%

2. Education & Childcare, 14%

3. Retail & Manufacture, 9%

3. Local Government, 9%

3. Finance, Insurance & Credit, 9%

6. Legal, 8%

7. General Business, 7%

8. Charitable & Voluntary, 5%

9. Central Government, 4%

9. Land or Property Services, 4%

Hayes Connor’s study found that, shockingly, the health sector made up the majority of total data breaches, taking up almost 1 in 5 cases since 2019.

Interestingly, the education and childcare sector came 2nd place, making up almost 1 in 7 cases. Joining 3rd with the finance, insurance, and credit sector is local government and retail, all making up just under 1 in 10 cases. This amounts to around 2,929 data breaches within each of the 3rd place sectors, out of the total 32,541 data breaches, since 2019.


The report also analysed the types of data that had been breached within the different sectors. The research found that basic personal identifiers being breached came up top within the finance sector, at 74%. The second highest form of data breaches involved economic and financial data, naturally, at 37%. By assuming someone else’s identity, criminals are able to access the generous UK benefits system, obtain housing, jobs, passports, banking or credit services, or even insure vehicles, all whilst being in this country illegally. Poor protection of personal ID also leads to fraud, fake insurance claims and many other crimes.

The findings also showed the different incident types behind the data breaches; the number one reason behind data breaches within the finance sector was due to data being emailed to incorrect recipients. The total number of these cases was 569. There were also 509 cases of data being posted or faxed to the incorrect recipient, and 415 cases of phishing.

It is important to bear in mind that part of the 2018 GDPR regulations require businesses to report a data breach within 72 hours. Failure to notify a breach when required to do so can result in a significant fine of up to £8.7m or 2 per cent of your global turnover. Rather concerningly, in the finance, credit and insurance sector, it’s taking over 72 hours to report 37% of their data breaches. This is leaving the sector vulnerable to large fines.

Christine Sabino, Legal Director at Hayes Connor, said, “What’s concerning is the public puts a lot of trust in industries such as the health, government, and education sectors, with the expectation that their data is going to be handled securely.

“With so many of these data breaches being caused by human error, it’s very clear that these industries are in dire need of data handling training, at the very least. With Computer Security Day arising on 30th November, now is the ideal time for businesses to rethink their data handling practices.”