Public Sectorransomware5 min read

Cyber Impact Stats 2025

Downtime Duration

1 year (2025)

Estimated Costs

£195,000 - £14.7 Billion

Scope

Multi-site

Operational Impact

  • 97% of Higher Education and 86% of Further Education institutions identified a breach or attack in the last year.
  • Over 2,400 suspected data breaches were reported by UK local authorities in 2024 alone.
  • 75% of high-income charities experienced a breach, highlighting the risk to large non-profit public service providers.
  • The average cost of a significant cyber-attack for a UK organization is estimated at £195,000.
  • A single cyber-attack on a UK hospital is estimated to cost £11.14 million on average.
  • Cyber-attacks cost the UK economy an estimated £14.7 billion annually, equivalent to 0.5% of GDP.

Summary

2025 was a year of bad cyber incidents and attacks, as concluded by Government Research conducted by DSIT. What were their findings? What did they conclude?

Full Analysis

 

Cyber Impact Stats 2025. 

Introduction 

Recent UK Cyber Security Statistics (2024–2025) (Source DSIT, Nov 2025) 

Metric  UK Statistics (2024/25)  Source 
Public Sector Vulnerability  97% of Higher Education and 86% of Further Education institutions identified a breach or attack in the last year.  DSIT CSBS 2024 
Local Government Impact  Over 2,400 suspected data breaches were reported by UK local authorities in 2024 alone.  FOI Research (June 2025) 
High-Income Charities  75% of high-income charities experienced a breach, highlighting the risk to large non-profit public service providers.  DSIT CSBS 2025 
National Economic Impact  Cyber-attacks cost the UK economy an estimated £14.7 billion annually, equivalent to 0.5% of GDP.  GOV.UK (Nov 2025) 
Average Cost (Significant Attack)  The average cost of a significant cyber-attack for a UK organization is estimated at £195,000.  DSIT/KPMG (Nov 2025) 
Specific Healthcare Costs  A single cyber-attack on a UK hospital is estimated to cost £11.14 million on average.  DSIT Economic Research (2025) 

The above table represents important metrics of cybercrime in the UK from 2024-2025, as found by the Department for Science, Innovation and Technology (DSIT) (DSIT, 2025).  

The figures do not lie; cyber-crime is – at best – stagnating at a high level with minimal change, and at worse are increasing each year. And private businesses are affected each year in each of these areas. This case study will look at these statistics in more depth as well as certain examples and how they relate to these statistics.   

Public Sector Vulnerability 

Universities and schools have been targeted more often by cyber criminals in recent years. Most recently, over 9000 schools across the UK, Canada, Australia and the USA had a combined 3.5 terabytes of data stolen when the popular learning software Canvas was hacked to extort a bitcoin ransom (Tidy, 2026) 

This is merely a sign of escalating cyber-attacks on public institutions dedicated to research and education, even more so than other private businesses in this sector, with a reported 65% of secondary schools, 85% of education colleges and 91% of high education institutions having a high prevalence of cyber-attacks or data breaches in 2025 alone (Gov.uk, 2025A). 

The main reason behind the increased attacks could be because of the need for funding and lack of specialist knowledge in the event of ransomware or phishing attacks, the most popular methods for targeting these institutions. Examples of cyber-attacks during this period include West Lothian Council’s education network, Newcastle University, the University of Manchester, and the University of Wolverhampton (Milmo and Adams, 2025). 

Disturbingly, the Information Commission’s Office (ICO) found that over half of these cyber-attacks were committed by the students themselves (ico.org.uk, 2025). Mostly by exploiting poor password security or accessing staff computers, the motivations of these attacks ranging from manipulating or deleting student and staff records, to simply accessing sensitive information to test their own skills. ICO have since recommended parents and schools have conversations with students about the dangers of cyber-crime and to use their Cyber Choices program to educate themselves.  

Local Government Impact 

After USB data encryption company Apricorn requested for the information under the Freedom of Information (FOI) act was granted, it was found that UK councils reported a combined 2400 cyber-attacks in 2024, with the hardest hit being the Surrey, North Yorkshire, Oxfordshire and Suffolk County councils (Horton, 2025). 

In Suffolk County Council alone, out of the 406 reported data breaches, a merger 8 was disclosed to ICO. However, the council, like many other UK councils, justified it by saying that many of the incidents caused no harm, that their disclosures were ‘internal only’ and were classified as ‘near misses’. Some of the main causes of these cyber incidents included device and password mismanagement, inappropriate data sharing, and unauthorized access.   

Upon receiving the information, Apricorn’s managing director Jon Fielding blamed the attacks on human error, stating that “Even with training, guidance and policies in place, basic human error continues to be a significant cause of data breaches across local government. Add to this the large number of unencrypted or poorly secured devices still in circulation and the risk to data becomes even more pressing.” (Loughran, 2025) 

High-Income Charities 

In 2024, DSIT published a survey on cyber security breaches, during which they revealed that a third of UK charities, or 32% overall, had reported a cyber-attack in the prior 12 months (Gov.uk, 2024). These statistics showed a clear increase in recent years, with warnings that they could increase unless charities and other public institutions like schools made necessary upgrades to their IT structure (Scott, 2024).  

In 2025, DSIT published statistics from their Cyber security breaches survey, covering cyber security breaches across 2025 (gov.uk, 2025), 30% of all UK charities experienced a data breach, 86% which involved phishing methods. A similar report found that 75% of high-income charities had also experienced some kind of data breach. The financial impact can be severe, ranging from £3,240 to £350,000 (Wilson, 2025). 

Despite cyber-attacks slightly decreasing, only 21% of normal UK charities provided some kind of proper staff training for dealing with cyber-attacks. More high-income charities did provide training, but only 47% which shows a troubling trend with these public institutions not going the extra mile to protect their finances from being stolen.  

National Economic Impact 

In 2025, DSIT published independent research to better determine the overall economic effect cyber-attacks have on all UK sectors (cyberexchange.uk.net, 2025). Five Research Groups conducted research on areas such as sector specific costs, consumer impact, and disruptions to rail networks. 

There were many findings from the individual reports, but their core findings were arguably the most damning;  

  • The UK economy lost an estimated £14.7 billion annually from cyber-attacks, equivalent to 0.5% of its GDP.  
  • The average cyber-attack on a UK organization costs an estimated £195,000. 
  • In 2024, Fraud directly caused by Cyber Attacks cost the UK economy an estimated £1-8.5 Billion, or 0.04-0.30% of of yearly GDP. 

Average Cost (Significant Attack)  

A 2025 report by Frontier economics for DSIT found that data breaches made up 8% of overall fraud cases in the UK, costing local institutions (businesses, local councils, hospitals etc.) and individuals to £775 million, which involved targeting digital wallets and payment systems via methods such as phishing and identify theft (FrontierEconomics, 2025). However, the report only covered known breaches reported to ICO, meaning that the overall number might have been underestimated.   

DSIT’s commissioned research from the research group KPMG (KPMG, 2025) found how cyber-attacks affect the local consumer. The losses incurred by cyber-attacks included; 

  • Financial services: £5.5-231 Million over a three-day period 
  • Healthcare: Approx~ £20,000 per GP practice 
  • Real Estate and Renting: £140,000-£240,000 from Loss of Transaction Systems every 7 months 
  • Creative Industries and the Arts:  
  • £0.6-161 million in Online Ticket Systems 
  • £2.8-197 million in Online Streaming Services 
  • £270,000 in Cultural Institutions 
  • £20,000 in Libraries 

Specific Healthcare Costs  

As mentioned, cyber-attacks can cost GP Practices £20,000. But costs for UK hospitals are much more dire; in 2025, an average, single cyber-attack on a UK hospital was estimated to cost £11.14 million (KPMG, 2025). 

Cyber-attacks have always been a threat to the UK’s healthcare system, in both public and private sectors. But in 2025 cyber-attacks increase dramatically, the most infamous of which was when the Russian hacker group ‘Qilin’ stole patient data from a Synnovis, an NHS pathology provider, leading to 11,000 appointments being canceled (england.nhs.uk, 2025) and 400GB of patient data being published on the dark web (Skelton, 2024). 

When a healthcare service is affected by a cyber-attack, they lose more than money; they can lose invaluable information on patients, precious time that could be used to save lives, and trust within the organizations that we rely on for essential treatment.  

Conclusion 

In 2026, DSIT published statistics from their Cyber security breaches survey, covering cyber security breaches between 2025 and 2026 (gov.uk, 2026). There, they concluded that there were no signs of increased cyber threats. Whilst this is a good sign, they also found that not only were the few cyber-attacks that did occur had a very significant impact costs, but there was few progress in improving cybersecurity in the aftermath of these cyber-attacks. 

The exception to these findings is the Information and Communication Sector, where there were fewer businesses that were affected by cyber-crime in the previous year. This proves that strengthening cybersecurity is essential for this modern age of business, and that only the most seamless of security can protect you and your business. 

Sources 

  • Cyberexchange.uk.net (2025): Government publishes independent study revealing cost of cyber attacks to UK economy. Online Article published by Cyberexchange.uk.net: https://cyberexchange.uk.net/news/government-publishes-independent-study-revealing-cost-of-cyber-attacks-to-uk-economy/ 
  • England.nhs.uk (2025): Synnovis cyber incident: Update on the Synnovis cyber incident: 10 November 2025. Update published by www.england.nhs.uk: https://www.england.nhs.uk/synnovis-cyber-incident/ 
  • Gov.uk (2024): Cyber security breaches survey 2024. Statistics published by the Department for Science, Innovation and Technology (DSIT): https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2024/cyber-security-breaches-survey-2024 
  • Gov.uk (2025A): Official Statistics: Cyber security breaches survey 2025: education institutions findings. Statistics published by the Department for Science, Innovation and Technology (DSIT): https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2025/cyber-security-breaches-survey-2025-education-institutions-findings  
  • Gov.uk (2026): Cyber security breaches survey 2025/2026. Statistics published by the Department for Science, Innovation and Technology (DSIT): https://www.gov.uk/government/statistics/cyber-security-breaches-survey-20252026/cyber-security-breaches-survey-20252026  
  • Horton, C (2025): UK councils report 2,400 suspected data breaches. Editorial published by thinkdigitalpartners.com: https://www.thinkdigitalpartners.com/news/2025/06/26/uk-councils-report-2400-suspected-data-breaches/ 
  • KPMG (2025): The economic impact on consumers of cyber attacks. A KPMG report for the Department for Science, Innovation and Technology. Report Published by KPMG: https://assets.publishing.service.gov.uk/media/6914486cb49cc44345161638/Impact_on_consumers_of_cyber_attacks.pdf 
  • Milmo, D; and Adams, R (2025): Six out of 10 UK secondary schools hit by cyber-attack or breach in past year. Online News Article published by theguardian.com: https://www.theguardian.com/technology/2025/oct/05/uk-secondary-schools-suffered-cyber-attack-or-breach-in-past-year 
  • Scott, K (2024): Briefing: Schools, charities and public sector sees ‘more frequent’ cyber attacks in 2024. Online Analytical article published by insurancetimes.co.uk: https://www.insurancetimes.co.uk/analysis/briefing-schools-charities-and-public-sector-sees-more-frequent-cyber-attacks-in-2024/1452815.article 
  • Skelton, S.K (2024): Qilin ransomware gang publishes stolen NHS data online. Online News Article published by ComputerWeekly.com: https://www.computerweekly.com/news/366589583/Qilin-ransomware-gang-publishes-stolen-NHS-data-online 
  • Wilson, R (2025): Growing cybercrime threat to UK Charities. Online News Article published by armstrongwatson.co.uk: https://www.armstrongwatson.co.uk/news/2025/12/growing-cybercrime-threat-uk-charities 

See the Recovery Orchestration Engine in action.

Tour the solution story built for investors and acquirers.

No lock-inIntegrates with your existing stackEnterprise ready