Cox Yeats, a leading South African law firm with deep expertise in cyber insurance and financial lines, is issuing an urgent warning about the escalating threat in festive season cybercrime. The firm’s Business Rescue, Restructuring, Insolvency, and Insurance team has observed a dramatic increase in cyber-attacks targeting consumers and businesses, with consequences that extend far beyond financial loss.
“Cox Yeats encourages everyone to remain vigilant. Attackers are expected to exploit the surge in online shopping and digital transactions, leveraging fake stores, phishing emails, malicious QR codes, and AI-powered impersonation to steal credentials and payment information,” says Cox Yeats Partner, Mongezi Mpahlwa. “The firm recommends verifying the legitimacy of all communications, using only official channels for transactions, and avoid transactions on public Wi-Fi; or rather use company VPN or mobile data. Any suspicious activity must be reported to the appropriate authorities.”
An average of almost three hundred notifications per month
Recent data paints a sobering picture. According to the Information Regulator, South Africa experienced 2,374 formally reported data breaches between April 2024 and March 2025, averaging around two hundred incidents every month. The situation has worsened in the current financial year, with 1,947 breaches reported from April 2025 to date – an average of almost three hundred notifications per month. This represents a forty percent spike in security compromises across the country, a trend described as deeply concerning by the Information Regulator.
The attacks have not spared any sector: government departments, healthcare providers, financial institutions, and businesses of all sizes have fallen victim to ransomware, data theft, and extortion. High-profile incidents include the theft of 1.6 terabytes of sensitive government data, the disruption of critical medical services, and the exposure of customer information at major retailers and telecoms providers.
R48 million: the average cost of a data breach
The economic impact is staggering. South African consumers lost more than R1 billion in 2023[1] alone due to digital banking and mobile app crimes. The average cost of a data breach for a local business now stands at R49 million, a figure that can be devastating for small and medium-sized enterprises. The South African Banking Risk Information Centre (SABRIC) has reported annual losses of up to R3.3 billion from cyber-attacks, with digital banking fraud surging by forty-five percent and related financial losses rising by forty-seven percent in the past year. Experts warn that the true cost is likely even higher, as many incidents go unreported or are quietly settled.
70% of consumers have fallen victims to cybercrime
Consumers are not immune. Surveys show that seventy percent [2]of consumers have fallen victim to cybercrime, compared to fifty percent globally. Thirty-five percent of respondents admitted to losing money due to scams, and thirty-two percent have clicked on phishing emails. The emotional toll is equally severe, with fifty-eight percent of people in South Africa expressing deep concern about falling victim to cybercrime a dramatic increase from previous years. The rise of artificial intelligence has made it easier for criminals to impersonate trusted brands, colleagues, or even family members, amplifying the risk of social engineering and fraud.
Ransomware: South Africa, the second-most targeted in Africa
The threat landscape is evolving rapidly. Ransomware remains the most disruptive danger, with South Africa ranking as the second-most targeted nation in Africa [3]and the third most targeted globally for cyber-attacks. Attackers are increasingly using double extortion tactics, threatening to leak sensitive data unless a ransom is paid. Sectors such as retail, technology, healthcare, and professional services are all in the crosshairs, and small businesses are particularly vulnerable due to limited resources and awareness. The commoditisation of stolen data and access credentials on underground platforms such as the dark web has further fuelled the cycle of extortion, disruption, and espionage.
“As Cox Yeats, we urge organisations in particular to take immediate action and to ensure they are covered for financial loss and liability arising from cyber-attacks, data breaches, ransomware, business interruption, and regulatory fines,” explains Mpahlwa. “Firms such as Cox Yeats provide advice on policy wording, coverage disputes, and the defence of claims, and guide businesses through incident response, regulatory compliance, and recovery action plans. “
