As of January 2025, the most significant data breach incident in the United Kingdom (UK) was the 2017-2018 Dixons Carphone breach. As a result of this incident, 14 million user records were affected, and the information of 5.6 million payment cards was exposed. The Equifax data breach between 2011 and 2016 impacted over 15 million customers nationwide.
The government has surveyed UK businesses, charities and educational institutions to find out how they approach cyber security and gain insight into the cyber security issues they face. The research informs government policy on cyber security and how government works with industry to build a prosperous and resilient digital UK.
19 April 2023
Respondents were asked about their approach to cyber security and any breaches or attacks over the 12 months before the interview. Main survey interviews took place between October 2022 and January 2023. Qualitative follow up interviews took place in December 2022 and January 2023.
UK
The survey is part of the government’s National Cyber Strategy 2002.
There is a wide range of free government cyber security guidance and information for businesses, including details of free online training and support.
The survey was carried out by Ipsos UK. The report has been produced by Ipsos on behalf of the Department for Science, Innovation and Technology.
This release is published in accordance with the Code of Practice for Statistics (2018), as produced by the UK Statistics Authority. The UKSA has the overall objective of promoting and safeguarding the production and publication of official statistics that serve the public good. It monitors and reports on all official statistics, and promotes good practice in this area.
The document above contains a list of ministers and officials who have received privileged early access to this release. In line with best practice, the list has been kept to a minimum and those given access for briefing purposes had a maximum of 24 hours.
The Lead Analyst for this release is Emma Johns. For any queries please contact cybersurveys@dsit.gov.uk.
For media enquiries only, please contact the press office on 020 7215 1000.
As of 2024, the average data breach cost in the United Kingdom (UK) was around **** million U.S. dollars. In the measured period, 2022 registered the highest cost for breached data, more than five million U.S. dollars. The figure, thus, has increased from *** million U.S. dollars since 2020.
During the fourth quarter of 2024, data breaches exposed more than a million user data records in the United Kingdom (UK). The figure decreased significantly from nearly 41 million in the quarter prior. Overall, the period between the first quarter of 2022 and the fourth quarter of 2023 saw the lowest number of exposed user data accounts.
As of January 2024, about ** percent of organizations in the United Kingdom reported experiencing a data breach accident once a month. A further ** percent said they had encountered a data breach event less than once a month in the past 12 months. Meanwhile, ** percent said they had experienced a data breach incident once a week.
A survey conducted in the United Kingdom (UK) between September 2023 and January 2024 found that ** percent of the respondents needed to implement new measures for future attacks. A further ** percent said they added staff time to deal with the breach. Additionally, ***** percent said the incident stopped the staff from carrying out daily work.
The Cyber Security Breaches Survey, 2020 was run to understand organisations' approaches and attitudes to cyber security, and to understand their experience of cyber security breaches. Its aim was to support the Government by providing evidence that can inform policies which help to make Britain a safer place to do business online.
The data have been collected annually since 2016 to understand the views of UK organisations on cyber security. Data is collected on topics including online use; attitudes of organisations to cyber security and awareness of Government initiatives; approaches to cyber security (including investment and processes); incidences and impact of a cyber security breach or attack; and how breaches are dealt with by the organisation. This information helps to inform Government policy towards organisations, including how best to target key messages to businesses and charities so that they are cyber secure (and so that the UK is the safest place in the world to do business online). The study is funded by the Cabinet Office as part of the National Cyber Security Programme.
The underlying data are useful for researchers to better understand the response across a range of organisations (rather than averages) and for wider comparability over time. The survey originally only covered businesses but was expanded to include charities from the 2018 survey onwards. From 2020, the survey includes a sample of education institutions (primary and secondary schools, further and higher education). Please note that the UK Data Service only holds data from 2018 onwards.
Further information and additional publications can be found on the GOV.UK Cyber Security Breaches Survey, 2020 webpage: https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2020
Attribution 4.0 (CC BY 4.0): https://creativecommons.org/licenses/by/4.0/
License information was derived automatically
The U.K. ICO fined 23andMe £2.31 million for inadequate data protection, leading to a 2023 breach affecting over 6.9 million users, including 155,000 in the U.K.
As of February 2025, the largest fine issued for violation of the General Data Protection Regulation (GDPR) in the United Kingdom (UK) was more than 22 million euros, received by British Airways in October 2020. Another fine received by Marriott International Inc. in the same month was the second-highest in the UK and amounted to over 20 million euros.
The annual reports of the Cyber Security Breaches Survey can be found on the Cyber Security Breaches Survey collection page.
Geographic coverage: UK.
If you would like any further information please contact statistics@dsit.gov.uk.
Date published | Ad hoc detail | Data tables |
---|---|---|
January 2024 | Cyber security practices among organisations who do/ do not adhere to Cyber Essentials |
This statistic displays the share of businesses that have had cyber security breaches or attacks in the United Kingdom (UK) in 2019. Among all respondents, ** percent had breaches in the past 12 months. With respect to business size, ** percent of small firms experienced cyber security breaches in the past 12 months. Concerning the size of businesses, micro businesses had *** to **** employees, small businesses had ** to ** employees, medium businesses had ** to *** employees and large businesses had *** employees or more. On the other hand, there were many types of cyber security breaches experienced by businesses in the past 12 months, such as malware.
The Cyber Security Breaches Survey, 2021 (CSBS) was run to understand organisations' approaches and attitudes to cyber security, and to understand their experience of cyber security breaches, especially in light of the COVID-19 pandemic. The aim of the survey was to support the Government by providing evidence that can inform policies which help to make Britain a safer place to do business online. Details of changes for the 2021 survey can be found in the Technical Annex documentation.
These surveys have been conducted annually since 2016 to understand the views of UK organisations on cyber security. Data are collected on topics including online use; attitudes of organisations to cyber security and awareness of Government initiatives; approaches to cyber security (including investment and processes); incidences and impact of a cyber security breach or attack; and how breaches are dealt with by the organisation. This information helps to inform Government policy towards organisations, including how best to target key messages to businesses and charities so that they are cyber secure (and so that the UK is the safest place in the world to do business online). The study is funded by the DCMS as part of the National Cyber Security Programme.
The underlying data are useful for researchers to better understand the response across a range of organisations and for wider comparability over time. The survey originally only covered businesses but was expanded to include charities from the 2018 survey onwards. From 2020, the survey includes a sample of education institutions (primary and secondary schools, further and higher education). Please note that the UK Data Service only holds data from 2018 onwards.
Further information and additional publications can be found on the GOV.UK Cyber Security Breaches Survey, 2021 webpage.
A survey conducted in the United Kingdom (UK) from September 2023 to January 2024 found that around 13 percent of businesses that had identified a data breach incident or a cyberattack in the preceding 12 months had seen at least one outcome after the incident. The most common were the situations where the website or online services were taken down or made slower and the temporary loss of access to files or networks.
As of January 2025, the most significant data privacy violation fine worldwide was for social media giant Meta. In May 2023, the Data Protection Commission (DPC) of Ireland decided to fine the company 1.2 billion euros, or 1.3 billion U.S. dollars. The Chinese vehicle-for-rent company Didi Global ranked second. In July 2022, China's data privacy regulator fined the company 8.026 billion Chinese yuan, or 1.19 billion U.S. dollars. The 2021 Amazon fine issued by Luxembourg's data privacy regulation authorities was 877 million U.S. dollars and was the third-biggest data breach fine as of the measured month. The 2019 fine of 575 million U.S. dollars to Equifax followed. In this incident, because of unpatched vulnerabilities, nearly 150 million people were affected, which caused the American consumer credit reporting agency to pay at least 575 million U.S. dollars.
The Cyber Security Breaches Survey (CSBS) is run to understand organisations' approaches and attitudes to cyber security, and to understand their experience of cyber security breaches. The aim of the survey is to support the Government by providing evidence that can inform policies which help to make Britain a safer place to do business online.
These surveys have been conducted annually since 2016 to understand the views of UK organisations on cyber security. Data are collected on topics including online use; attitudes of organisations to cyber security and awareness of Government initiatives; approaches to cyber security (including investment and processes); incidences and impact of a cyber security breach or attack; and how breaches are dealt with by the organisation. This information helps to inform Government policy towards organisations, including how best to target key messages to businesses and charities so that they are cyber secure (and so that the UK is the safest place in the world to do business online). The study is funded by the DCMS as part of the government's £2.6 billion National Cyber Strategy 2022 to protect and promote the UK in cyber space.
The underlying data are useful for researchers to better understand the response across a range of organisations and for wider comparability over time. The survey originally only covered businesses but was expanded to include charities from the 2018 survey onwards. From 2020, the survey includes a sample of education institutions (primary and secondary schools, further and higher education). Please note that the UK Data Service only holds datasets on each specific year from 2018 onwards.
Cyber Security Breaches Survey: Combined Dataset, 2016-2022 includes data from 2016 to 2022. This is cross-sectional data only and not all variables are included in all years. For longitudinal data, please access the Cyber Security Longitudinal Survey: Wave 1, 2021 (available from the UK Data Archive under SN 8969) and onwards.
Further information and additional publications can be found on the GOV.UK Cyber Security Breaches Survey webpage.
Abstract copyright UK Data Service and data collection copyright owner.
The Cyber Security Longitudinal Survey (CSLS) helps us better understand cyber security policies and processes within medium and large businesses and high-income charities. It explores the links over time between these policies and processes and the likelihood and impact of a cyber incident. The survey is commissioned by The Department of Science, Innovation and Technology as part of the National Cyber Strategy. It aims to support the Government by providing evidence that can inform policies which help to make Britain a safer place to do business online. This is the third research year (or wave) of a multi-year study and the data were collected over 2023.
The core objectives of the study are to:
explore how and why UK organisations are changing their cyber security profile and how they implement, measure, and improve their cyber defences.
provide a more in-depth picture of larger organisations, covering topics that are lightly covered in the main Cyber Security Breaches Survey (also available from the UK Data Archive), such as corporate governance, supply chain risk management, internal and external reporting, cyber strategy, and cyber insurance.
explore the effects of actions adopted by organisations to improve their cyber security on the likelihood and impact of a cyber incident.
Further information and additional publications can be found on the GOV.UK Cyber Security Longitudinal Survey pages.
Wave 1 and 2 data from the Cyber Security Longitudinal Survey can also be found on the UK Data Archive under SNs 8969 and 9067 respectively.
The questionnaire covered the following topic areas:
The United Kingdom data center physical security market is experiencing robust growth, projected to reach £89.48 million in 2025 and maintain a Compound Annual Growth Rate (CAGR) of 15.10% from 2025 to 2033. This expansion is driven by several key factors. The increasing adoption of cloud computing and the subsequent rise in data center infrastructure necessitates heightened security measures. Furthermore, growing concerns surrounding data breaches and cyber threats are prompting organizations across various sectors – including IT & Telecommunications, BFSI (Banking, Financial Services, and Insurance), Government, and Healthcare – to invest heavily in advanced physical security solutions. The market is segmented by solution type (video surveillance, access control, and others), service type (consulting, professional services, and system integration), and end-user industry. The demand for sophisticated integrated security systems, combining video analytics, biometric access control, and perimeter security, is a significant trend shaping the market. Competitive pressures among established players like Axis Communications, Bosch, and Honeywell, along with emerging technology providers, are fostering innovation and driving down costs, making these solutions more accessible to a wider range of organizations. The market's sustained growth is also fueled by government regulations promoting cybersecurity and data protection. However, challenges remain. The high initial investment costs associated with implementing comprehensive security systems can be a restraint for smaller organizations. Furthermore, the complexity of integrating various security systems and managing their upkeep might pose operational hurdles. Despite these challenges, the overall outlook for the UK data center physical security market remains positive, with strong growth expected throughout the forecast period (2025-2033). 
The market's trajectory suggests a significant opportunity for vendors offering innovative, scalable, and cost-effective solutions tailored to the specific needs of data center operators. Recent developments include: February 2024: In the latest release of the Axis operating system, AXIS OS and Axis Communications AB, it was announced that more than 200 network devices, including cameras, intercoms, and 11.8 audio speakers, are supported by the IEEE MAC 802.1sec security standard. Demonstrating the company's continued commitment to device and data security, Axis has become the first manufacturer of physical safety products supporting MACsec Media Access Control Security. October 2023: Zwipe partnered with Schneider Electric’s Security Solutions Group. The French-based multinational Schneider Electric plans to introduce the Zwipe Access fingerprint-scanning smart card to its clientele. This card will be integrated with Schneider Electric’s Continuum and Security Expert platforms, serving a client base from sectors including airports, transportation, healthcare, and data centers. Key drivers for this market are: Increasing Demand of Cloud Computing Capabilities Drives the Market Growth, Increase Security Concerns in the Market Drives the Market Growth. Potential restraints include: Increasing Demand of Cloud Computing Capabilities Drives the Market Growth, Increase Security Concerns in the Market Drives the Market Growth. Notable trends are: Video Surveillance is Anticipated to be the Largest Segment.
This is because it would breach the first data protection principle as: a) it is not fair to disclose claimant personal details to the world and is likely to cause damage or distress. b) these details are not of sufficient interest to the public to warrant an intrusion into the privacy of the claimant. Please click the below web link to see the exemption in full. https://www.legislation.gov.uk/ukpga/2000/36/section/40 Breach of Patient confidentiality Please note that the identification of claimants is also a breach of the common law duty of confidence. A claimant who has been identified could make a claim against the NHSBSA or yourself for the disclosure of the confidential information. The information requested is therefore being withheld as it falls under the exemption in section 41(1) ‘Information provided in confidence’ of the Freedom of Information Act. Please click the below web link to see the exemption in full.
The Cyber Security Breaches Survey, 2024 (CSBS) was run to understand organisations' approaches and attitudes to cyber security, and to understand their experience of cyber security breaches. The aim of the survey was to support the Government by providing evidence that can inform policies which help to make Britain a safer place to do business online. Details of changes for the 2024 survey can be found in the Technical Annex documentation.
These surveys have been conducted annually since 2016 to understand the views of UK organisations on cyber security. Data are collected on topics including online use; attitudes of organisations to cyber security and awareness of Government initiatives; approaches to cyber security (including investment and processes); incidences and impact of a cyber security breach or attack; and how breaches are dealt with by the organisation. This information helps to inform Government policy towards organisations, including how best to target key messages to businesses and charities so that they are cyber-secure (and so that the UK is the safest place in the world to do business online). The study is funded by the DSIT as part of the National Cyber Security Programme.
The underlying data are useful for researchers to better understand the response across a range of organisations and for wider comparability over time. The survey originally only covered businesses but was expanded to include charities from the 2018 survey onwards. From 2020, the survey includes a sample of education institutions (primary and secondary schools, further and higher education). Please note that the UK Data Service only holds data from 2018 onwards.
Further information and additional publications can be found on the GOV.UK Cyber Security Breaches Survey 2024 web page.
Organisational cyber security, views, experiences and behaviours of organisations (UK businesses, charities and educational institutions) on cyber security and cyber security breaches.
Attribution 4.0 (CC BY 4.0): https://creativecommons.org/licenses/by/4.0/
License information was derived automatically
Introduction

This dataset records all curtailment events experienced by curtailable-connection customers.

About Curtailment

When a generation customer requests a firm connection under a congested part of our network, there may be a requirement to reinforce the network to accommodate the connection. The reinforcement works take time to complete, which increases the lead time to connect for the customer. Furthermore, the customer may need to contribute to the cost of the reinforcement works.

UK Power Networks offers curtailable-connections as an alternative solution for our customers. It allows customers to connect to the distribution network as soon as possible rather than waiting, and potentially paying, for network reinforcement. This is possible because under a curtailable connection, the customer agrees that their access to the network can be controlled when congestion is high. These fast-tracked curtailable-connections can transition to firm connections once the reinforcement activity has taken place. Curtailable connections have enabled faster and cheaper connection of renewable energy generation to the distribution network owned and operated by UK Power Networks.

The Distribution System Operator (DSO) team has developed the Distributed Energy Resource Management System (DERMS) that monitors curtailable-connection generators as well as associated constraints on the network. When a constraint reaches a critical threshold, an export access reduction signal may be sent to generators associated with that constraint so that the network can be kept safe, secure, and reliable.

This dataset contains a record of curtailment actions we have taken and the resultant access reduction experienced by our curtailment-connections customers. Access reduction is calculated as the MW access reduction from maximum × duration of access reduction in hours (MW×h).

The dataset categorises curtailment actions into 2 categories:

Constraint-driven curtailment: when a constraint is breached, we aggregate the access reduction of all customers associated with that constraint. A constraint breach occurs when the network load exceeds the safe limit.

Non-constraint driven curtailment: this covers all curtailment which is not directly related to a constraint breach on the network. It includes customer comms failures, non-compliance trips (where the customer has not complied with a curtailment instruction), planned outages and unplanned outages.

Each row in the dataset details the start and end times, durations and customer access reduction associated with a curtailment action. We also provide the associated grid supply point (GSP) and nominal voltage to provide greater aggregation capabilities. By virtue of being able to track curtailment across our network in granular detail, we have managed to significantly reduce curtailment of our curtailable-connections customers.

Methodological Approach

A Remote Terminal Unit (RTU) is installed at each curtailable-connection site providing live telemetry data into the DERMS. It measures communications status, generator output and mode of operation. RTUs are also installed at constraint locations (physical parts of the network, e.g., transformers, cables which may become overloaded under certain conditions). These are identified through planning power load studies. These RTUs monitor current at the constraint and communications status.

The DERMS design integrates network topology information. This maps constraints to associated curtailable connections under different network running conditions, including the sensitivity of the constraints to each curtailable connection. In general, a 1MW reduction in generation of a customer will cause <1MW reduction at the constraint. Each constraint is registered to a GSP.

DERMS monitors constraints against the associated breach limit. When a constraint limit is breached, DERMS calculates the amount of access reduction required from curtailable connections linked to the constraint to alleviate the breach. This calculation factors in the real-time level of generation of each customer and the sensitivity of the constraint to each generator. Access reduction is issued to each curtailable-connection via the RTU until the constraint limit breach is mitigated.

Multiple constraints can apply to a curtailable-connection and constraint breaches can occur simultaneously. Where multiple constraint breaches act upon a single curtailable-connection, we apportion the access reduction of that connection to the constraint breaches depending on the relative magnitude of the breaches. Where customer curtailment occurs without any associated constraint breach, we categorise the curtailment as non-constraint driven. Future developments will include the reason for non-constraint driven curtailment.

Quality Control Statement

The dataset is derived from data recorded by RTUs located at customer sites and constraint locations across our network. UKPN’s Ops Telecoms team monitors and maintains these RTUs to ensure they are providing accurate customer/network data. An alarms system notifies the team of communications failures which are attended to by our engineers as quickly as possible. RTUs can store telemetry data for prolonged periods during communications outages and then transmit data once communications are reinstated. These measures ensure we have a continuous stream of accurate data with minimal gaps. On the rare instances where there are issues with the raw data received from DERMS, we employ simple data cleaning algorithms such as forward filling.

RTU measurements of access reduction update on change or every 30-mins in absence of change. We also minimise postprocessing of RTU data (e.g. we do not time average data). Using the raw data allows us to ascertain event start and end times of curtailment actions exactly and accurately determine access reductions experienced by our customers.

Assurance Statement

The dataset is generated and updated by a script which is scheduled to run daily. The script was developed by the DSO Data Science team in conjunction with the DSO Network Access team, the DSO Operations team and the UKPN Ops Telecoms team to ensure correct interpretation of the RTU data streams. The underlying script logic has been cross-referenced with the developers and maintainers of the DERMS scheme to ensure that the data reflects how DERMS operates. The outputs of the script were independently checked by the DSO Network Access team for accuracy of the curtailment event timings and access reduction prior to first publication on the Open Data Portal (ODP). The DSO Operations team conduct an ongoing review of the data as it is updated daily to verify that the operational expectations are reflected in the data. The Data Science team have implemented automated logging which notifies the team of any issues when the script runs. This allows the Data Science team to investigate and debug any errors/warnings as soon as they happen.
Other
Definitions of key terms related to this dataset can be found in the Open Data Portal Glossary: https://ukpowernetworks.opendatasoft.com/pages/glossary/