Toronto, June 26, 2025 -- The number of significant cyber attacks on Canadian businesses tripled between 2023 and 2024, a new report from QBE and Control Risks has found.
QBE defines significant cyber incidents as those which are disruptive, globally significant and confirmed as successful breaches. In Canada, the number of incidents rose from ten in 2023 to eighteen in 2024, with projections estimating thirty-two incidents by the end of 2025.
According to the report, the upward trend is consistent with global patterns observed over the same period. While the report focused on globally significant events, it also considered more mundane cyber attacks.
Polling conducted for QBE by Opinium shows 53 percent of Canadian businesses surveyed experienced at least one cyber incident in the last twelve months.
Among those affected, eighteen percent reported a business interruption lasting one working day or more. Thirty-five percent experienced an interruption of less than one working day. Of those impacted, half reported a loss of revenue as a result of the incident. Fifty-eight percent cited vulnerabilities associated with third-party suppliers.
In terms of future planning, 78 percent of businesses expressed concern about cyber threats over the coming twelve months. About 25 percent were “very concerned” while 53 percent were “somewhat concerned.” Some 28 percent of respondents indicated they would increase cybersecurity spending above inflation. Interestingly, 41 percent plan to increase cybersecurity spending in line with inflation.
Eighty percent of Canadian business owners also believe cyber threats have increased over the last year. Despite this, the report also found significant gaps in preparedness, with about 25 percent of business owners not holding cyber insurance coverage and about 15 percent lacking an established cyber incident response plan.
Collision repair facilities are increasingly vulnerable to cyberattacks, which can disrupt operations, compromise sensitive data, and lead to significant financial losses. A notable example occurred in December 2019 when Craftsman Collision, a major auto repair company in British Columbia, was targeted by a ransomware attack. The hackers seized the company's domain name and briefly sent phishing emails to customers. Although the company swiftly shut down its servers and reported no evidence of compromised customer data, the incident resulted in a temporary shutdown of operations.
Cyber threats to collision repair facilities are diverse and can include ransomware attacks, data breaches, and unauthorized access to vehicle systems. These attacks can result in financial losses, legal liabilities, and damage to a facility's reputation. For example, a ransomware attack can lock a shop's data, demanding payment for its release, while unauthorized access to vehicle systems can lead to manipulation of safety features or theft of sensitive information.
The interconnected nature of modern repair operations increases exposure to cyber risks. Many repair shops use third-party software for appointment scheduling, billing, and vehicle diagnostics. If these providers suffer a cyberattack, the shop’s data could be exposed. Additionally, the use of connected diagnostic tools and vehicle systems can provide entry points for cybercriminals if not properly secured.
To mitigate these risks, collision repair facilities should implement robust cybersecurity measures. This includes employee training to recognize cyber threats, managing user privileges, preparing backup and recovery strategies, and investing in cyber insurance. By proactively addressing cybersecurity, repair shops can protect their operations, data, and reputation from the growing threat of cyberattacks.
