OBR Faces Doubling Cyber Attacks Ahead Of Budget

18 Nov 2025

Contact company

Add as a preferred source Download PDF version

Quick Read ⌵

Summary is AI-generated, newsdesk-reviewed

Cyber attacks targeting OBR double, rising 162% in 12 months before budget.
Phishing named most common cyber risk, warns cybersecurity firm Absolute Security.
UK faces four nationally significant cyber-attacks weekly, NCSC urges protective measures.

Cyber threats targeting the UK's Office for Budget Responsibility (OBR) have more than doubled over the past year, coinciding with the approach of Rachel Reeves' crucial Autumn Budget announcement.

Scheduled for November 26th, this announcement will cover new economic policies aimed at addressing the UK's high borrowing costs, with potential adjustments to income tax and inheritance tax anticipated.

The OBR plays an essential role by offering independent analysis of the nation's public finances, which informs the Chancellor of the Exchequer's policy decisions.

Increase in Blocked Email Attacks

Data obtained through the Freedom of Information Act and analyzed by the Parliament Street think tank has revealed a significant rise in blocked email attacks, with the OBR intercepting 238,678 such attempts in the past year, up from 90,958 previously—a 162 percent increase.

Commenting on these figures, Andy Ward, Senior Vice President International at cybersecurity firm Absolute Security, stated, "Cyber risks are heightened in the lead up to big events like the Budget, with cybercriminals targeting confidential economic forecasts and spending plans which could be used to influence markets."

Phishing: The Predominant Cyber Threat

According to government reports, phishing remains the most prevalent cyber threat to organizations like the OBR. "Our latest research found that 60% of security leaders indicated they expect cyber-attacks to increase in the next 12 months and this spike is almost entirely driven by human-centric exploitation," Ward added.

He emphasized the importance of strengthening security measures during such critical events to safeguard sensitive information and ensure capabilities are in place to promptly recover critical operations post-incident.

Data from the National Cyber Security Centre underscores the escalating cyber threat landscape, with the UK contending with four "nationally significant" cyber-attacks weekly. These incidents have the potential to severely disrupt essential services, marking the third consecutive year of rising attack volumes. The NCSC has urged organizations to implement effective protective measures to mitigate these threats.

Show full press release

Cyber threats against the Office for Budget Responsibility have over doubled in the past 12 months, ahead of Rachel Reeves’ crunch Autumn Budget.

On November 26th, Reeves is set to announce a wave of economic policies to fight against the high cost of borrowing in the UK, with hints of income tax and inheritance tax hikes on the horizon.

The Office for Budget Responsibility provides an independent analysis of the UK’s public finances, from which the Chancellor of the Exchequer bases economic policy decisions.

Blocked email attacks

The data was retrieved under the Freedom of Information (FOI) Act, and analyzed by the Parliament Street think tank, observing the number of blocked email attacks by the department each year for the past few years.

Rejections spiked to 238,678 over the past 12 months, up from 90,958 the year before, with threats rising 162 per cent.

Commenting on the findings, Andy Ward, SVP International for cybersecurity firm Absolute Security, said: “Cyber risks are heightened in the lead up to big events like the Budget, with cybercriminals targeting confidential economic forecasts and spending plans which could be used to influence markets.”

Most common cyber risk

“As reported by the government, phishing is the most common cyber risk facing organizations such as the OBR. Our latest research found that 60% of security leaders indicated they expect cyber-attacks to increase in the next 12 months and this spike is almost entirely driven by human-centric exploitation,” continued Andy Ward.

“When these types of events are approaching, it’s vital to batten down the hatches and ramp up security to prevent sensitive data from being stolen and to have capabilities in place that quickly restore critical business operations after an incident."

Data from the National Cyber Security Centre recently highlighted that the UK is facing four “nationally significant” cyber-attacks each week, with the potential to have a serious impact on essential services. The volume of significant attacks has risen for the third year in a row, with the NCSC warning organizations to take concrete action to protect themselves.

Download PDF version Download PDF version

Add as a preferred source on Google

People mentioned in this article

Andy Ward Absolute Software Corp.

Show all

Related companies
Absolute Software Corp.

View all news from
Absolute Software Corp.

In case you missed it

Why Open Matters In The Age Of AI

Artificial intelligence (AI) creates efficiencies throughout various industries, from managing teams to operating businesses. Key outcomes include faster investigations, fewer fals...

What Are Emerging Applications For Physical Security In Transportation?

Transportation systems need robust physical security to protect human life, to ensure economic stability, and to maintain national security. Because transportation involves moving...

Gallagher's Perimeter Solutions With Fortified Partnership

Global security manufacturer Gallagher Security is proud to announce a strategic partnership with Fortified Security, a pioneering perimeter systems integrator with over 30 years o...