Home » Cyber Security » Guides » Top 6 Biggest Data Breaches in the UK of All Time

Top 6 Biggest Data Breaches in the UK of All Time

Disclosure: All of our articles are unbased, well researched, and based on a true picture of the story. However we do sometimes get commissions from affiliate sites. Our readers get the best discount from buying from our links. Here is our complete affiliate disclosure.

Data breaches have become a common occurrence worldwide, with the US and UK topping the charts regularly over the past decade.

The frequency of the breaches isn’t limited to one or two a year. Likewise, the target of the attacks is also not limited to large organizations alone. Any big or small company that maintains valuable data like consumers’ financial records, credit card numbers, email ids, passwords is on the list of hackers.

Talking about data breaches in the UK alone, we see many breaches that affected not just corporates but also banks and even gas companies. Let’s look at some of the recent data breaches in the UK.

Massive Data Breaches of UK

Talk Talk (2015)

One of the leading telecommunication companies in the UK, Talk Talk, was hit by a cyberattack in October 2016. The data breach was initially assumed to hit a significant percentage of its 4 million customers. However, it was later reported that only 157,000 out of that 4 million customers’ data was breached. Out of the affected customers, over 15,000 bank accounts details were breached, and 28,000 debit and credit card numbers were stolen. Fortunately, the stolen card numbers were “obscured,” i.e., invalid for any transaction.

JD Wetherspoon (2015)

JD Wetherspoon, a prominent chain of pubs, suffered one of the most significant UK data breaches in 2015. The data breach was more massive than Talk Talk, affecting over 650,000 customers. The stolen data reportedly included phone addresses, email accounts, and dates of birth, which were released on the dark web for sale. Although the breach happened in mid-June, JD Wetherspoon became aware of it six months after the incident, i.e., in December 2015. The cyberattack was believed to be carried out by a Russian group.

Three Mobile (2016)

Three, the UK’s leading Telecom and Internet Service Provider, was hit by a significant data breach in November 2016. The cybercriminals used the employee login of the company to breach its upgrade database, resulting in the data theft of its customers’ names, dates of birth, phone numbers, and addresses. According to reports, over 200,000 out of 9 million customers’ data was accessed. Fortunately, the breach didn’t extend to the financial details of Three’s customers.

Tesco Bank (2016)

If we talk about data breaches at banks in the UK, the Tesco Bank data breach of 2016 comes to mind. Tesco is a British retail bank hit by a cyberattack that resulted in a loss of nearly £2.5million. The bank reportedly froze its online system when the cyberattack hit it. At first, it was reported that 20,000 Tesco Bank’s customer accounts were breached, but later the number reduced to 9,000 customers. In the wake of the attack, the bank covered the financial loss of its customer out of its pocket.

Wonga (2017)

Wonga is a payday loan company in the UK that suffered a massive data breach in April 2017. The breach put millions of its customers at the risk of data theft, which included customers’ names, bank accounts, sort codes, and the debit cards’ last four digits. According to the reports, over 240,000 of Wonga’s customers’ data was breached.

Zomato (2017)

The Zomato cyberattack is one of the recent data breaches in the UK that exposed nearly 17 million customers to a data breach. Zomato is a renowned restaurant finder with a massive cache of user data, and the breach resulted in the leak of customers’ names, addresses, email ids, and even passwords. Luckily, the breach didn’t affect the financial information of the customers as it was stored in separate servers.

It is high time we learn from the companies mentioned above' failure and starts taking precautionary steps to evade cyberattacks. There are several ways we can prevent such data breaches and identity theft attacks from affecting our life.

For instance, we can use 2-factor authentication to reinforce our account’s security. We can also avoid clicking any suspicious emails or URLs that may lead to a malware attack.

Leave a Comment