Information on cyber breach incidents reported to the FCA - May 2026


Reference Case Number: FOI2026/00797

Freedom of Information: Right to know request:

Please provide information relating to cyber breach incidents reported to the FCA.

FCA response:

By way of background, it may be helpful to know that we hold centralised records on major operational incidents reported to the FCA by individual firms under SUP 15.3 and Principle 11 – this includes incidents that are the result of cyber-attacks. Therefore, the figures provided below do not include incidents at FCA-regulated firms that have not been reported directly to the FCA.

We have interpreted your reference to ‘cyber breach incidents’ to include all reported cyber incidents and not just those relating to a data breach. Please note that all data is accurate as of 15 April 2026 and may be subject to change due to ongoing investigations and incidents.