Government regulator fines a company £60,000 after it suffered a cyber attack

Huge fines could cripple SMEs who ignore the threat of cybercrime, according to corporate recovery and business advisory firm Quantuma.

The warning comes after a government regulator showed its teeth by fining a company £60,000 after it suffered a cyber attack.

The Information Commissioner’s Office (ICO) took the action after investigating Berkshire-based Boomerang Video Ltd and finding it failed to take basic steps to stop its website being attacked.

Carl Jackson, managing partner at Quantuma, said: “Regulators are cracking down on SMEs who don’t have proper cybercrime defences, and this can result in a double-whammy financial hit.

“Not only do companies face all the operational disruption and costs that website attacks cause, but they then will face stiff penalties for not having proper procedures in place to deal with the problem in the first place.

“In some cases, the total costs to the business caused by the initial attacks and then huge fines could even mean they end up being pushed into insolvency.”

The situation is set to become more serious from May 2018 when the new General Data Protection Legislation (GDPR) comes into force, laying down minimum standards for companies’ anti-cybercrime systems and procedures.

Mr Jackson added: “From next year, fines against firms who ignore cybercrime could be a lot higher and will probably hit businesses who are already under financial pressure – as that’s one of the reasons why they won’t have invested in defences.”

Quantuma is highlighting the importance of the Cyber Essentials scheme developed by government and industry which clearly explains the basic controls businesses should have as part of what’s known as “10 Steps to Cyber Security”.

The scheme also offers an Assurance Framework which enables companies to demonstrate to customers, investors, insurers and others that they have taken essential precautions.

Mike Wright, partner at Quantuma, said: “Taking the necessary steps to defend against cybercrime needn’t be disproportionality expensive for companies if they follow the guidance in the Cyber Essentials scheme.

“You wouldn’t leave your house or office without locking the front door, or leave the cash register open and unattended.

“The same now applies to online files and personal data. Cyber security is as important as general business or personal security.

“Regardless of your size, if you are a business that handles personal information then data protection laws apply to you, and you must carefully put your defences into place.”


Quantuma is one of the UK’s fastest growing corporate recovery and business advisory firms, with offices in London, Southampton, Marlow, Watford, Brighton, Bristol, Manchester and Birmingham.

Ends (421 words)

For further information, please contact:

Marie Wadeson, Head of Marketing,

Quantuma LLP, Vernon House, 23 Sicilian Avenue, London, WC1A 2QS

Tel: 07464 545678


Andy Skinner, Managing Director, ASAP PR – 07990 978257


Notes to Editors

Quantuma LLP is a leading restructuring and insolvency practice delivering partner-led solutions to businesses and individuals facing financial distress with offices in London, Southampton, Marlow, Watford, Brighton, Bristol, Manchester and Birmingham.