A wave of high-impact cyber incidents has hit UK organisations in 2025 — from retail giants to manufacturers.
The scale of disruption shows how quickly cyber risk is evolving for SMEs and enterprises alike.
Headline Losses in 2025
- £1.7 billion — Revenue Lost
Jaguar Land Rover’s production shutdown (Sept 2025) - 6.5 million — Personal Records Stolen
Co-op retail cyber attack (April 2025) - £300 million — Cost Impact
Marks & Spencer’s Easter ransomware attack
Major Incidents
Marks & Spencer (Easter)
Ransomware attack forces the website offline and disrupts store operations.
Co-op (Late April)
Cyber attack halts core IT systems, causing empty shelves and delays.
Over 6.5 million customer records are stolen.
April 2025: Government Data Breach
Legal Aid Agency
Hackers access sensitive personal information from applicants spanning 2010–2023.
The Ministry of Justice shuts down the public portal during the investigation.
May 2025: Harrods and Adidas Targeted
Harrods (1 May)
Attempted breach triggers restricted internet access in stores — minimal disruption but a significant warning sign.
Adidas (May)
Third-party breach exposes customer contact details, showing ongoing supply chain vulnerabilities.
July 2025: Arrests Made
UK authorities arrest four suspects (three teenagers and one adult) linked to the attacks on:
- Marks & Spencer
- Co-op
- Harrods
Investigations point to a loosely organised hacker collective.
August–September 2025: Industrial & Infrastructure Attacks
Jaguar Land Rover (31 Aug)
“Catastrophic” cyber incident forces a production shutdown across UK plants.
Collins Aerospace (19 Sept)
Ransomware attack disrupts aviation IT systems, including airport check-ins at Heathrow.
How Dunedin IT Is Responding
Dunedin IT has launched updated Cyber Security Packages designed to match different business needs and risk levels.
Legacy
Entry-level protection for budget-conscious organisations. Ideal for SMEs needing essential cyber hygiene without complex tooling.
Proactive Readiness
Built for growing SMEs seeking sensible, modern protection.
Includes:
- Phishing protection
- Microsoft 365 risk management
- Cyber Essentials readiness
- Better visibility of identity and access risks
Mitigation & Response
Full-spectrum defence for higher-risk or regulated industries.
Includes:
- Real-time threat detection
- Dark web monitoring
- Audit support
- Incident response guidance
- Advanced monitoring with Huntress and NinjaOne
All packages are aligned to major standards:
- Cyber Essentials
- ISO 27001
- CIS Controls
Coming Soon: The DIT Compliance Platform
Launching next year, this platform will help organisations:
- Measure cyber and compliance risk
- Identify gaps in protection
- Track improvements over time
- Prepare for Cyber Essentials and Cyber Insurance requirements
Reserve early access to gain a strategic advantage in managing risk and demonstrating compliance.
