When Hackers Come for the Pub: What Jeremy Clarkson’s Cyber Scare Says About Small Business Security

Cyber AttackCyber Security
Written By Jordan Stewart

When most people think of cyberattacks, they imagine major banks, tech companies, or government departments being targeted. What they probably don’t picture is a country pub tucked away in the Cotswolds - but that’s exactly where the latest headline-grabbing hack has come from.

Jeremy Clarkson recently revealed in his newspaper column that his pub, The Farmer’s Dog, had £27,000 stolen after cybercriminals broke into its accounting systems. Details are still emerging, but what's clear is that even well-known names running seemingly simple businesses aren’t immune to digital threats.

It’s a timely reminder that cybercrime doesn’t discriminate. Don't be blinkered by the attacks making headlines for the likes of JLR, Heathrow, M&S or the Co-op. A ten-person local firm is just as much of a target as a ten-thousand-person-plus multinational company; the risks are very real, and the attackers don’t care about your size, fame, or postcode.

A Wake-Up Call for the ‘We’re Too Small to Target’ Crowd

As of 2026, we've been around for 25 years, which means we've worked with thousands of organisations and spoken to countless more. Across that time - and even very recently - there’s a common misconception among smaller organisations that they’re too small, too niche, or too local to attract the attention of hackers. In an ideal world, that would be great.

Unfortunately, the data tells a very different story.

Small and medium-sized enterprises (SMEs) now account for the majority of cyberattacks reported in the UK each year. Many of these incidents never make the news in the way the JLR attack did because they involve modest sums or brief disruptions, versus millions of pounds and 33,000 employees. Does that mean the impact on an SME is any less devastating, particularly when systems, finances, or customer trust are affected? In short, no.

What’s more, smaller businesses often wind up being ideal targets precisely because their defences are lighter. Limited budgets, legacy systems, and competing priorities mean that security controls, staff awareness training, or multi-factor authentication can slip down the list.

The result? Attackers don’t need to breach a corporate fortress; they just need to find an unlocked door or make one single person who's spinning too many plates at once to drop their guard for a second and click something they shouldn't.

It’s Not About Tech, It’s About Trust

What makes Clarkson’s story relatable isn’t just the name attached to it (even if you had an affinity for Top Gear or are up to date with Clarkson's Farm), but it's the type of business. A pub isn’t what most people think of when they picture a“data risk.” Yet behind the bar, there’s a wealth of sensitive information, such as payroll data, supplier invoices, staff records, and customer payment details, all of which are valuable to cybercriminals.

This isn’t a purely technical problem. It’s a trust problem.

When customers pay for a meal or a pint, they expect their information to be handled securely. When suppliers send invoices, they expect to be paid correctly. And when something goes wrong, as it did in Clarkson’s case, the reputational damage often outlasts the financial loss.

People might forgive a slow pint being poured every once in a while. They’re less forgiving when they think their details might be at risk.

The Invisible Risks Behind Everyday Systems

Most small businesses today run on a web of interconnected software: accounting tools, booking systems, payment platforms, and email. Each one creates a potential entry point if it isn’t properly protected.

The Clarkson incident highlights how vulnerable these everyday systems can be when attackers exploit weak passwords, unsecured remote access, or a lack of multi-factor authentication.

And while we don’t know exactly how The Farmer’s Dog was compromised, it underlines a familiar pattern: it’s rarely the “sophisticated” hack that causes chaos, but the simple one that goes unnoticed until it’s too late.

A reused password here. A phishing email there. That’s all it takes.

Prevention Starts with People

The good news is that small businesses aren’t powerless. Many of the most effective protections don’t require large investments, just awareness, training, and consistent habits.

At Fifosys, we see time and again that people are both the weakest link and the greatest strength in a company’s cyber defence. With the right guidance, staff quickly learn to spot red flags and understand their role in protecting the business.

A few of the fundamentals we encourage every organisation to consider:

  • Use multi-factor authentication (MFA) on all financial and business-critical systems.

  • Train staff regularly to recognise phishing and social engineering tactics.

  • Review supplier access and know who can log in to your systems, and why.

  • Back up key data securely and test recovery processes often.

  • Keep systems patched and updated, especially for remote access tools and software integrations.

None of this is groundbreaking, but that’s the point. The basics are what save businesses when the unexpected happens.

Big Names, Small Lessons

From Jaguar Land Rover to Heathrow Airport, recent months have shown that even the biggest players can be brought to a standstill by cyber incidents. But stories like Clarkson’s remind us that cybercrime isn’t only a problem for global corporations.

In fact, smaller organisations often feel the impact far more acutely. A day of downtime or a few thousand pounds lost might be a rounding error for a multinational, but for a local business, it can mean missed wages, cancelled orders, and sleepless nights at best - or it could be a death sentence for others.

And yet, with the right approach, these same organisations can be the most agile, responsive, and resilient. Culture, communication, and training go a long way towards building defences that scale with the business.

Final Thought

Cybersecurity is so multifaceted that it's long past being 'just about technology'. You need to factor in your people, habits, and awareness, too. Clarkson’s story might make the headlines because of who he is, but it could just as easily have happened to any pub, café, or small business in the UK.

Every attack, big or small, carries the same message: it’s better to prepare than to repair.

At Fifosys, we work with businesses of every size to strengthen their security posture, train their teams, and build a culture of resilience. If you’d like to understand where your own vulnerabilities might lie, talk to us before the hackers come knocking.

Jordan Stewart
Previous

The Clock’s Ticking: What Windows 10 End-of-Life Means for You
Next

Beyond the Tick Box: Building a Culture of Compliance