2025 Report on major ICT-related incidents Joint-ESA report under Article 22 of DORA
<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.loc.gov/MARC21/slim http://www.loc.gov/standards/marcxml/schema/MARC21slim.xsd">
<record>
<leader>00000cam a22000004 44500</leader>
<controlfield tag="001">MAP20260034850</controlfield>
<controlfield tag="003">MAP</controlfield>
<controlfield tag="005">20260605105725.0</controlfield>
<controlfield tag="008">260603s2026 bel|||| ||| ||eng d</controlfield>
<datafield tag="040" ind1=" " ind2=" ">
<subfield code="b">spa</subfield>
<subfield code="a">MAP</subfield>
<subfield code="d">MAP</subfield>
</datafield>
<datafield tag="084" ind1=" " ind2=" ">
<subfield code="a">861</subfield>
</datafield>
<datafield tag="110" ind1="2" ind2=" ">
<subfield code="0">MAPA20110000219</subfield>
<subfield code="a">EIOPA</subfield>
</datafield>
<datafield tag="245" ind1="1" ind2="0">
<subfield code="a">2025 Report on major ICT-related incidents</subfield>
<subfield code="b">Joint-ESA report under Article 22 of DORA</subfield>
<subfield code="c">EIOPA</subfield>
</datafield>
<datafield tag="260" ind1=" " ind2=" ">
<subfield code="a">Brussels</subfield>
<subfield code="b">EIOPA</subfield>
<subfield code="c">2026</subfield>
</datafield>
<datafield tag="300" ind1=" " ind2=" ">
<subfield code="a">21 p.</subfield>
</datafield>
<datafield tag="505" ind1=" " ind2=" ">
<subfield code="a">List of Figures -- Abbreviations -- Executive Summary -- Introduction -- Methodology -- Overview of major incidents in the EU -- Conclusions</subfield>
</datafield>
<datafield tag="520" ind1=" " ind2=" ">
<subfield code="a">This joint ESAs report provides an anonymised, aggregated overview of major ICT-related incidents reported in 2025 under DORA Article 22. A total of 3,383 incidents were notified, mostly in the credit and payments sectors. One third had cross-border impact, reflecting strong interconnections, shared infrastructures and third-party dependencies. System failures and external events were the predominant drivers; about 29% originated at third-party providers. Cybersecurity incidents represented a smaller share, suggesting safeguards and detection measures are effective, though vigilance is needed. Most incidents had limited impact on clients, transactions and financial counterparties, pointing to timely detection and effective containment. The report discusses classification criteria, root causes, impacts, remedial actions, costs, and highlights selected cross-border events (e.g., TARGET services outage; Iberian Peninsula blackout). It also notes data quality and reporting divergences in this first DORA year and outlines steps to improve supervisory convergence and data collection.</subfield>
</datafield>
<datafield tag="650" ind1=" " ind2=" ">
<subfield code="0">MAPA20080567613</subfield>
<subfield code="a">Unión Europea</subfield>
</datafield>
<datafield tag="650" ind1=" " ind2=" ">
<subfield code="0">MAPA20240022341</subfield>
<subfield code="a">Reglamento DORA</subfield>
</datafield>
<datafield tag="650" ind1=" " ind2=" ">
<subfield code="0">MAPA20080587581</subfield>
<subfield code="a">Riesgo informático</subfield>
</datafield>
<datafield tag="650" ind1=" " ind2=" ">
<subfield code="0">MAPA20080608811</subfield>
<subfield code="a">Supervisión financiera</subfield>
</datafield>
<datafield tag="650" ind1=" " ind2=" ">
<subfield code="0">MAPA20090000414</subfield>
<subfield code="a">Externalización de servicios</subfield>
</datafield>
<datafield tag="651" ind1=" " ind2=" ">
<subfield code="0">MAPA20080640255</subfield>
<subfield code="a">Unión Europea</subfield>
</datafield>
</record>
</collection>