UK Cyber Security Breaches Survey 2025/2026: half of businesses breached, phishing dominant, logging readiness inconsistent

The UK government published its Cyber Security Breaches Survey 2025/2026 on 30 April 2026, reporting persistent breach and attack exposure among businesses, charities and education institutions. Half of businesses and around a third of charities reported experiencing some form of cyber security breach or attack in the preceding twelve months. Phishing remains the most common attack vector at 85% of businesses that identified breaches. Ransomware incidents requiring formal incident response were reported by 1% of businesses but with disproportionate impact. The survey found that logging, vulnerability assessment, reporting routes and evidence capture readiness remain inconsistent across sectors. For law enforcement, the survey provides the annual baseline for assessing the cyber threat environment across the UK public sector, including local government, NHS and education institutions that interface with policing data and evidence systems.

In this domain: UK NCSC advises full migration to passkeys, calling passwords legacy technology · ENISA publishes NCAF 2.0 — updated national cybersecurity capabilities self-assessment framework for EU Member States · Itron discloses April cyberattack on corporate IT systems — utility tech supplier used across critical infrastructure in 100+ countries