UK retailers are likely to face a sharp rise in cyber insurance costs after damaging attacks on Marks and Spencer, Harrods and Co-op, adding further pain to a sector where premiums are already rising.
According to Dan Leahy, cyber chief at broker BMS, retailers could face a 10% increase in rates following the recent hacking incidents.
“This will hopefully result in underwriters applying more scrutiny to cybersecurity management, raising fees and some insurers rethinking whether to write cyber insurance for retail,” Leahy said.
According to Nick Barker, cyber director at broker Gallagher, cyber insurance prices fell 20% in 2023 and 15% in 2024 as insurance companies competed for business.
However, a series of ransomware attacks and data breaches has shaken the market and started pushing rates higher in sectors such as retail, healthcare, education and transportation. The broker said that once policies are updated in 2026, retail prices are expected to rise further.
“We encourage all clients who currently do not purchase cyber insurance to purchase while still in the ‘buyer’s market’,” Gallagher warned clients this week in a memo about the incident.
According to one broker, UK retailers typically pay around £20,000 per pound insurance coverage, but the final amount varies widely based on the size and needs of the company.
According to senior brokers, M&S’s business interruption insurance claims could run into the tens of millions of pounds, as it could have lost revenues of more than £40 million, based on an extrapolation of its average daily online sales. Cybersecurity experts say it could take a company several months to fully recover its business.
M&S declined to comment. The retailers are working with government and law enforcement.
The company revealed last month that it had been compromised and was unable to accept online orders for almost two weeks while trying to restore operations.
Co-op confirmed on Friday that cybercriminals were able to access and extract the names and contact details of a considerable number of customers, after first saying that it had dodged the attack. Both chains are working to fill empty shelves in some stores.
Retailers’ large amounts of consumer data, legacy computer software, and help desk operators fielding calls from customers have made them vulnerable to attacks.
In its annual report released Thursday, Tesco said “the importance of cybersecurity is paramount” and that it will regularly test its cybersecurity defenses using independent third-party agencies.
It added that several of its senior leaders took part in a series of crisis simulations, including cyberattacks. These are usually kept secret until a few days beforehand to make them as realistic as possible. One such exercise, run by PwC in 2023, targeted “business critical systems that involve no cultivation operation,” with ransomware attacks.
According to Helen Nuttall, head of cyber incident management at UK broker Marsh, ransom payments could potentially be recovered from insurers, along with the costs of bringing in crisis managers such as ransomware negotiators, credit surveillance experts and public relations experts.
M&S has not said whether or not it will pay the ransom. Paying is a controversial but not prohibited practice. However, ransom-seeking threat actors are associated with sanctioned entities, which can complicate decisions regarding whether to pay and the final insurance claim.
Earlier this week, the UK cybersecurity agency warned retailers to be wary of cybercriminals who are pretending to be IT staff.
Nuttall said such hackers are often English-speaking and based in the UK and US, and are known for running “very sophisticated social engineering campaigns.”