Cyber threats skyrocket against UK budget office

18 Nov 2025

Contact company

Add as a preferred source Download PDF version

Quick Read ⌵

Summary is AI-generated, newsdesk-reviewed

Cyber threats against UK's budget office surge 162% amid economic policy announcements.
Phishing identified as leading cyber risk for UK organisations, with attacks expected to rise.
Cybersecurity experts urge enhanced measures to safeguard Budget-related sensitive data.

Cybersecurity threats targeting the UK's Office for Budget Responsibility have seen more than a twofold increase over the past year, coinciding with Rachel Reeves' upcoming critical Autumn Budget.

On 26 November, Reeves is expected to unveil a series of economic measures aimed at tackling the rising cost of borrowing within the UK. Among potential adjustments are anticipated increases in income tax and inheritance tax.

Email attack surge

According to data obtained through the Freedom of Information (FOI) Act and analysed by the Parliament Street think tank, there has been a marked increase in blocked email threats handled by the department.

Over the last year, rejected emails soared to 238,678, a notable rise from 90,958 the prior year, marking a 162 per cent surge.

Andy Ward, SVP International at cybersecurity firm Absolute Security, commented on these developments, stating, "Cyber risks are heightened in the lead up to big events like the Budget, with cybercriminals targeting confidential economic forecasts and spending plans which could be used to influence markets."

Predominant threat: phishing

Phishing remains the primary cyber threat, as reported by the government, with significant concern expressed by security experts. "Our latest research found that 60% of security leaders indicated they expect cyber-attacks to increase in the next 12 months, and this spike is almost entirely driven by human-centric exploitation," continued Andy Ward.

With critical events on the horizon, organisations are urged to enhance their security measures to safeguard sensitive information and quickly recover operations post-incident.

Data from the National Cyber Security Centre (NCSC) underscores the severity of the situation, revealing that the UK faces four "nationally significant" cyber-attacks weekly, each with the potential to disrupt vital services. With attacks rising for the third consecutive year, the NCSC emphasises the need for robust protective actions from organisations.

Show full press release

Cyber threats against the Office for Budget Responsibility have over doubled in the past 12 months, ahead of Rachel Reeves’ crunch Autumn Budget.

On November 26th, Reeves is set to announce a wave of economic policies to fight against the high cost of borrowing in the UK, with hints of income tax and inheritance tax hikes on the horizon.

The Office for Budget Responsibility provides an independent analysis of the UK’s public finances, from which the Chancellor of the Exchequer bases economic policy decisions.

Blocked email attacks

The data was retrieved under the Freedom of Information (FOI) Act, and analysed by the Parliament Street think tank, observing the number of blocked email attacks by the department each year for the past few years.

Rejections spiked to 238,678 over the past 12 months, up from 90,958 the year before, with threats rising 162 per cent.

Commenting on the findings, Andy Ward, SVP International for cybersecurity firm Absolute Security, said: “Cyber risks are heightened in the lead up to big events like the Budget, with cybercriminals targetting confidential economic forecasts and spending plans which could be used to influence markets.”

Most common cyber risk

“As reported by the government, phishing is the most common cyber risk facing organisations such as the OBR. Our latest research found that 60% of security leaders indicated they expect cyber-attacks to increase in the next 12 months and this spike is almost entirely driven by human-centric exploitation,” continued Andy Ward.

“When these types of events are approaching, it’s vital to batten down the hatches and ramp up security to prevent sensitive data from being stolen and to have capabilities in place that quickly restore critical business operations after an incident."

Data from the National Cyber Security Centre recently highlighted that the UK is facing four “nationally significant” cyber-attacks each week, with the potential to have a serious impact on essential services. The volume of significant attacks has risen for the third year in a row, with the NCSC warning organisations to take concrete action to protect themselves.

Download PDF version Download PDF version

Add as a preferred source on Google

People mentioned in this article

Andy Ward Absolute Software Corp.

Show all

Related companies
Absolute Software Corp.

View all news from
Absolute Software Corp.

In case you missed it

What are emerging applications for physical security in transportation?

Transportation systems need robust physical security to protect human life, to ensure economic stability, and to maintain national security. Because transportation involves moving...

Gallagher & Fortified enhance perimeter security solutions

Global security manufacturer - Gallagher Security is proud to announce a strategic partnership with Fortified Security, a pioneering perimeter systems integrator with over 30 years...

Genetec: Data sovereignty in physical security

Genetec Inc., the global pioneer in enterprise physical security software, highlights why data sovereignty has become a central concern for physical security leaders as more survei...