Firms are required by law to report breaches within 72 hours

The Information Commissioner’s Office (ICO) is assessing information provided to it by Ardonagh after the broker was hit by a cyber attack last week.

The breach - described by The Register as a ransomware attack - was announced by Ardonagh on 30 September. The incident ”caused disruption across a limited part of the Ardonagh Group estate”, the company said last week.

Businesses affected by cyber attacks are required to notify the ICO within 72 hours when there has been a data breach. In serious cases, those affected must be contacted also.

Ardonagh said the incident was identified as a result of the routine comprehensive monitoring it has in place.

”We immediately took all necessary action including taking impacted systems offline and have implemented our business continuity plans in the impacted business units, to minimise disruption to our customers, Ardonagh continued. 

”We are working with third-party forensic and IT experts to manage the situation and are in the process of carrying out remedial action.”

The 2025 Insurance Times Awards took place on the evening of Wednesday 3rd December in the iconic Great Room of London’s Grosvenor House.

Hosted by comedian and actor Tom Allen, 34 Gold, 23 Silver and 22 Bronze awards were handed out across an amazing 34 categories recognising brilliance and innovation right across the breadth of UK general insurance.
Many congratulations to all the worthy winners and as always, huge thanks to our sponsors for their support and our judges for their expertise.

Topics