IMI reports ‘unauthorized’ cyber activity in latest incident affecting UK engineering firms

The British engineering company IMI has reported a cyber incident to the London Stock Exchange (LSE) — the second U.K.-based engineering giant to do so in the last nine days. 

In a short notification to the exchange, the company said that as of Thursday, it was responding to an “incident involving unauthorised access to the Company's systems.” 

“As soon as IMI became aware of the unauthorised access, the Company engaged external cyber security experts to investigate and contain the incident,” they wrote. 

On January 28, the engineering firm Smiths Group told the LSE it had detected unsanctioned activity on its network and “rapidly isolated affected systems and activated business continuity plans.” 

The Birmingham-based IMI specializes in industrial automation and climate control products, among other services. As of this month, it has a market cap of $6.24 billion. 

A spokesperson for the company declined to comment on the incident. 

According to industrial cybersecurity company Dragos, there were 119 ransomware incidents targeting European companies in the third quarter of 2024, with the U.K., Germany and Italy most affected. From July to September 2024, there were 394 attacks on the manufacturing sector globally, and 56 incidents affecting industrial control systems.

In August 2024, the German belt drive manufacturer Arntz Optibelt Group was hit with a ransomware attack which “significantly impacted the company’s ability to conduct normal business operations,” Dragos said.