Toronto, June 26, 2025 — The number of significant cyber attacks on Canadian businesses tripled between 2023 and 2024, a new report from QBE and Control Risks has found.
QBE defines significant cyber incidents as those which are disruptive, globally significant and confirmed as successful breaches. In Canada, the number of incidents rose from ten in 2023 to eighteen in 2024, with projections estimating thirty-two incidents by the end of 2025.
According to the report, the upward trend is consistent with global patterns observed over the same period. While the report focused on globally significant events, it also considered more mundane cyber attacks.
Polling conducted for QBE by Opinium shows 53 percent of Canadian businesses surveyed experienced at least one cyber incident in the last twelve months.
Among those affected, eighteen percent reported a business interruption lasting one working day or more. Thirty-five percent experienced an interruption of less than one working day. Of those impacted, half reported a loss of revenue as a result of the incident. Fifty-eight percent cited vulnerabilities associated with third-party suppliers.
In terms of future planning, 78…
