Growing cybercrime threat to UK Charities

Charities face an escalating cyber threat that is becoming impossible to ignore. According to the UK Government’s Cyber Security Breaches Survey 2025, 30% of charities experienced a cyber breach or attack in the past year, which equates to around 61,000 organisations. These incidents are not isolated; they represent a persistent risk that threatens financial stability, reputation, and operational capacity.

Phishing remains the most common attack method, affecting 86% of charities that reported a breach. These scams are increasingly sophisticated, often using artificial intelligence to craft convincing emails that impersonate trusted colleagues or suppliers. Business email compromise and impersonation attacks accounted for 35% of incidents, while malware was responsible for 14%. These figures highlight how attackers exploit trust and human error rather than relying solely on technical weaknesses.

Damage from cyber attacks

The impact of these attacks is severe. While the average cost of the most disruptive breach for a charity is estimated at £3,240, some organisations have faced losses as high as £350,000.

Beyond financial damage, the consequences include service disruption, reputational harm, and potential regulatory penalties under UK data protection law. For charities that rely on public trust and donations, a single breach can have long-term consequences. These figures underline the scale of the problem and the urgent need for action.

Increasing sophistication and preventable risks

The threat landscape is becoming more complex. Ransomware attacks, while less frequent than phishing, are increasing in sophistication and impact. A single ransomware incident can lock critical systems, halt operations, and expose sensitive data.

Misconfigured systems are another growing risk, with incidents linked to configuration errors rising by more than sixfold since 2020. These vulnerabilities often stem from limited resources and investment in IT and a lack of dedicated IT staff, leaving charities exposed to preventable risks.

Despite these dangers, many charities remain underprepared. Only 26% conducted a cyber security risk assessment last year, and fewer than one in five have an incident response plan in place. This lack of readiness leaves organisations vulnerable to repeat victimisation and amplifies the damage when attacks occur.

Prioritise cyber security

Cyber security is no longer a back-office issue; it is a leadership priority. Trustees and senior managers must ensure that basic protections such as multi-factor authentication, regular backups, and staff training are in place.

Free resources from the National Cyber Security Centre, including the Small Charity Cyber Security Guide and Cyber Essentials certification, provide practical steps to strengthen resilience.

Armstrong Watson’s Cyber Security Solutions services can help charities identify weaknesses through an independent security health check, providing actionable recommendations on how to improve cyber resilience and mitigate risk.

Cyber breach recovery

If your charity has suffered a financial loss as a result of a cyber attack, Armstrong Watson’s Restructuring and Insolvency specialists can offer advice on how to turn matters around.

They can advise the board on their legal duties, how to prioritise actions to stabilise the charity’s financial position, assist in communicating with key stakeholders and regulators, as well as evaluate recovery options.

The message is clear: cybercrime is not a distant threat. It is here, it is growing, and it is targeting charities. Protecting sensitive data and maintaining public trust requires urgent action. In a digital-first world, cybersecurity is not optional—it is essential.