Cybersecurity remained a headline-grabber in 2024, with businesses of all sizes experiencing major breaches and operational challenges. From ransomware attacks crippling healthcare to the unexpected catastrophic fallout of a security update gone wrong, this year has been a wake-up call for organisations worldwide. For small and mid-sized businesses (SMBs), these events underline the urgent need to invest in robust cyber defences.
Here’s our roundup of the biggest cybersecurity incidents of 2024, with our best tips to strengthen your security posture heading into 2025.
1. Southern Water: critical infrastructure breach
In February, Southern Water, an essential services provider, suffered a breach when attackers accessed and stole data from their IT systems. While customer services continued uninterrupted, the breach affected 5-10% of customers and numerous current and former employees.
This incident demonstrates how even sectors with critical infrastructure remain vulnerable, emphasising the importance of proactive threat monitoring.
2. Education under attack: The Billericay School
The education sector has faced increasing cyber threats, as highlighted by the attack on The Billericay School in May. Over half-term, cybercriminals accessed sensitive data, including student medical records and parent contact information.
The 2024 Cyber security breaches survey, has an entire addendum that focuses on the education sector. Staggeringly, in the last 12 months, 52% of primary schools, 71% of high schools, and 86% of higher education colleges have all identified a breach that has negatively impacted them.
3. NHS and Synnovis ransomware attack
Healthcare was another frequent target, with the June ransomware attack on Synnovis disrupting NHS pathology services in South East London. Sensitive patient data was stolen and published, causing delays to critical blood testing services.
This incident highlighted not only the devastating operational impacts of ransomware but also the growing boldness of cybercriminal groups.
4. CrowdStrike: faulty update sparks chaos
Even cybersecurity giants can stumble. In July, CrowdStrike‘s Falcon Sensor software update caused crashes on approximately 8.5 million Windows devices globally. While not a malicious attack, the disruption hit industries ranging from healthcare to aviation, with UK GP services particularly hard-hit as access to patient data was temporarily lost.
The financial impact of this mishap is estimated to run into billions, serving as a cautionary tale for the tech sector to prioritise rigorous update testing before rollouts.
5. Transport for London (TfL): customer data breach
In September, TfL uncovered unauthorised access to customer and staff data, affecting nearly 5,000 customers. While the attack didn’t disrupt physical transport services, stolen data—such as names, contact information, and potentially bank details—posed significant risks to affected individuals. This breach emphasises the importance of protecting customer data, even in sectors traditionally focused on physical infrastructure
Rising threats and trends in 2024
- API exploits on the rise: The Trello incident exposed over 15 million accounts through poor API security. This trend highlights a growing attack vector SMBs must address as they adopt more integrated platforms
- Targeting critical services: From water utilities to healthcare, cybercriminals are increasingly focusing on industries with limited tolerance for downtime. SMBs providing critical services should prioritise resilience
- Human error and supply chain risks: The CrowdStrike mishap underscores how internal processes can pose risks alongside external threats. For SMBs reliant on third-party tools, supply chain security remains vital
Looking ahead: 2025 and beyond
If 2024 has taught us anything, it’s that no organisation (in size or industry) is immune to cyber threats. As SMBs continue adopting new technologies, prioritising a comprehensive cybersecurity strategy is essential.
So, what can you do to stay ahead of the curve?
We have asked our experts to have the last word and tell us about what they think the focus of 2025 should be….
Gareth Lockwood, Chief Product and Technology Officer –
“Strengthen your data privacy and compliance programmes. Implement governance and control protocols to reduce the risk of insider threat internally and throughout your supply chain.”
Charlie Milton, VP Strategic Alliances –
“Invest in cybersecurity training tailored to your team and clients. Deliver regular, engaging training sessions for your internal teams and end-user clients. Focus on phishing, social engineering, and hybrid work vulnerabilities to foster a security-first mindset across your ecosystem.”
Ryan Murphy, Sales Director –
“Adopt a zero trust approach. Embrace the “never trust, always verify” mindset to enhance security for both individuals and organisations.”
Don’t wait until you become included in an incident round up like this — act now to protect your business and customers.
Let’s make 2025 the year your business takes cybersecurity to another level.
