Supply chain cyber attacks cost charities millions of pounds - here's how to address them

Darkbeam offers charity-specific pricing for our comprehensive Supplier Cyber Risk Management platform. Click here to request charity pricing.


Cyber criminals are rarely constrained by their morals and see charities as a viable target for attacks. Official UK statistics showed that 30% of UK charities had identified a cyber attack in the last 12 months.  

Sensitive charity data stolen in a cyber attack-1

When any organisation suffers a cyber attack – directly or through a supplier – the impact can be substantial. 

  • Financial costs 
    Two charities have already faced GDPR fines over the security of data held in third-party systems. 
  • Reputational harm 
    An American study found that 1-in-4 people who read a negative news story about a charity are less likely to donate to them three years later.
  • Operational harm 
    1-in-10 charities have suffered an operational impact due to a cyber attack in the last 12 months. 


Suppliers are a critical vulnerability

Research from Deloitte shows that 83% of organisations have experienced a third-party cybersecurity data incident. Because of the interconnected nature of modern charities and businesses, attackers know that they can breach one company and steal the data of thousands. 


Data from more than 100 charities stolen in a single attack

In April 2023, hackers stole the data of more than 100 charities and their beneficiaries in an attack on an IT service provider. Stolen data included beneficiaries of a charity which supports adults who survived childhood abuse. The incident was referred to the police in Northern Ireland.


The charity sector was also impacted by the recent mass data breach via the MOVEit platform. An American charity which supports students in 22,000 schools and 3,600 universities had data breached via a third-party partner which used the MOVEit technology. 


Most charities don't manage supplier cyber risks

Despite all of this, UK Government statistics show that only 5% of charities have assessed the cybersecurity risks posed by their wider supply chain (note, the figure rises to 29% for charities with 'very high incomes').  


The 95% of charities who haven't cannot be blamed. Supply chains are expansive and managing cyber risks at scale can be expensive. Coupled with budgetary concerns are a lack of time among existing teams to implement any kind of supplier cyber risk management process. 

Analysis by Darkbeam shows that only 0.3% of UK charities have in-house cybersecurity expertise and, among those that do, the average cybersecurity team consists of 2.1 people. Procurement teams are equally stretched, averaging 3.5 people (for charities who have a procurement function).  

Without scalable automation at a very affordable price, management of supplier cyber risks would remain out of reach for charities in general.  


Darkbeam provides a Supplier Cyber Risk Management capability with charity-specific pricing 

Due to the intense pressure of charities to protect themselves from cyber threats among suppliers, Darkbeam has made its entire capability available at charity-specific pricing.   

This means that charities of any size can benefit from the same capabilities that secure supply chains across Britain's telecommunications, power, finance, education and legal infrastructure. 

Supplier Vulnerability Intelligence Supplier Threat Intelligence
  • Automated assessments of every supplier 

  • Over 30 tests including database security, stolen credentials and more
  • Comprehensive reporting and actionable guidance 

  • Continuous monitoring for up-to-date information whenever it's required 
  • Continuous dark web monitoring of key suppliers 

  • Supported by human analysts 

  • Actionable visibility of incidents involving suppliers, including data breaches and ransomware attacks 

This extensive capability is provided with exclusive pricing for charities - including human analysts who monitor any dark web alerts relating to key suppliers, provide analysis and alert your team. 


For information regarding charity-specific pricing, please complete the form below:



Subscribe Here!