Búsqueda
Centro de Documentación y Conocimiento

2025 Report on major ICT-related incidents Joint-ESA report under Article 22 of DORA

 
<?xml version="1.0" encoding="UTF-8"?><modsCollection xmlns="http://www.loc.gov/mods/v3" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.loc.gov/mods/v3 http://www.loc.gov/standards/mods/v3/mods-3-8.xsd">
<mods version="3.8">
<titleInfo>
<title>2025 Report on major ICT-related incidents</title>
<subTitle>Joint-ESA report under Article 22 of DORA</subTitle>
</titleInfo>
<name type="corporate" xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="MAPA20110000219">
<namePart>EIOPA</namePart>
<nameIdentifier>MAPA20110000219</nameIdentifier>
</name>
<typeOfResource>text</typeOfResource>
<originInfo>
<place>
<placeTerm type="code" authority="marccountry">bel</placeTerm>
</place>
<issuance>monographic</issuance>
<place>
<placeTerm type="text">Brussels</placeTerm>
</place>
<publisher>EIOPA</publisher>
<dateIssued>2026</dateIssued>
</originInfo>
<language>
<languageTerm type="code" authority="iso639-2b">eng</languageTerm>
</language>
<physicalDescription>
<form authority="marcform">print</form>
<extent>21 p.</extent>
</physicalDescription>
<abstract displayLabel="Summary">This joint ESAs report provides an anonymised, aggregated overview of major ICT-related incidents reported in 2025 under DORA Article 22. A total of 3,383 incidents were notified, mostly in the credit and payments sectors. One third had cross-border impact, reflecting strong interconnections, shared infrastructures and third-party dependencies. System failures and external events were the predominant drivers; about 29% originated at third-party providers. Cybersecurity incidents represented a smaller share, suggesting safeguards and detection measures are effective, though vigilance is needed. Most incidents had limited impact on clients, transactions and financial counterparties, pointing to timely detection and effective containment. The report discusses classification criteria, root causes, impacts, remedial actions, costs, and highlights selected cross-border events (e.g., TARGET services outage; Iberian Peninsula blackout). It also notes data quality and reporting divergences in this first DORA year and outlines steps to improve supervisory convergence and data collection.</abstract>
<tableOfContents>List of Figures -- Abbreviations -- Executive Summary -- Introduction -- Methodology -- Overview of major incidents in the EU -- Conclusions</tableOfContents>
<note type="statement of responsibility">EIOPA</note>
<subject xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="MAPA20080567613">
<topic>Unión Europea</topic>
</subject>
<subject xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="MAPA20240022341">
<topic>Reglamento DORA</topic>
</subject>
<subject xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="MAPA20080587581">
<topic>Riesgo informático</topic>
</subject>
<subject xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="MAPA20080608811">
<topic>Supervisión financiera</topic>
</subject>
<subject xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="MAPA20090000414">
<topic>Externalización de servicios</topic>
</subject>
<subject xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="MAPA20080640255">
<geographic>Unión Europea</geographic>
</subject>
<classification authority="">861</classification>
<recordInfo>
<recordContentSource authority="marcorg">MAP</recordContentSource>
<recordCreationDate encoding="marc">260603</recordCreationDate>
<recordChangeDate encoding="iso8601">20260605105725.0</recordChangeDate>
<recordIdentifier source="MAP">MAP20260034850</recordIdentifier>
<languageOfCataloging>
<languageTerm type="code" authority="iso639-2b">spa</languageTerm>
</languageOfCataloging>
</recordInfo>
</mods>
</modsCollection>