More than a quarter of charities attacked by cyber-criminals

More than a quarter of charities have fallen victim to a cyber-attack over the last year, official figures have revealed.

The Department for Digital, Culture, Media and Sport (DDCMS)’s Cyber Breaches Survey for 2021 found that 26% of charities have reported either a cyber security breach or attack over the last 12 months. This compares to 39% of businesses over the same period.

Larger charities, which conduct more of their business online, are more likely to fall victim to cyber-criminals. Attacks were cited by 51% of high-income charities.

Among charities attacked, around a quarter (23%) experience a breach or attack at least once a week. The most common are phishing attacks, which are experienced by more than three quarters of charities affected by cybercrime.

In around a fifth (18%) of cases charities end up losing money, data or other assets. Four in ten charities report being negatively impacted regardless of data or money being lost. This may be because they require new post-breach measures or have to divert staff time to deal with any disruption, says the DDCMS

The Covid-19 health crisis has stretched many charities’ cyber security resources, with more transactions made online and an increased number of staff working remotely, adds the DDCMS.

However, only seven in ten (68%) charities say that cyber security is a “high priority” for their trustees. Although this proportion is higher than three years ago, when it was listed as a priority for just 53% of charity trustees.

Just a quarter (23%) of charities have cyber security policies in place that cover the growth of home working among organisations during the Covid-19 pandemic, the DDCMS also found. A similar proportion have policies that cover the use of personal devices for work.

“Under the pandemic, organisations are perhaps less aware of the breaches and attacks they are facing,” says the DDCMS.

“Upgrading hardware, software and systems has also become more difficult.

“With staff working at home, there are more endpoints for organisations to keep track of.

“In this environment, we have seen falls in the proportions of businesses and charities taking more basic actions like updating their anti-malware across devices and setting up network firewalls.”

    Share Story:

Recent Stories


How to elevate your non-profit storytelling with data and performance metrics.
Sage Intacct the non-profit financial management platform, takes a look at giving trends and insights.

What has the pandemic taught us about the public’s perception of charities?
In this episode of the Charity Times Leadership podcast, we take a look at what the pandemic has taught us about the public’s perception of charities. Charity fundraising platform, Enthuse, recently released its quarterly donor research study, which highlighted significant shifts in donor behaviour throughout the duration of the pandemic. Not only does the report highlight an overarching sense of positivity towards the sector, but a propensity for younger generations to give more generously, too. Lauren Weymouth is joined by Enthuse CEO, Chester Mojay-Sinclare to discuss more.

The importance of the ‘S’ in ‘ESG’
In this episode, Lauren Weymouth is joined by Ketan Patel, equities fund manager at EdenTree, to delve into the issue of social investment and why that all-important ‘S’ in ESG is more relevant now than ever before. The social element of ESG often gets forgotten when thinking about investing in more ethical and sustainable ways. But, after a challenging year for all areas of society, social injustice has been highlighted, and there’s a much greater need for charities to put people at the heart of their investment decisions.