UK business breach rate 43%
- The UK’s 2025 breach survey says 43% of businesses and 30% of charities saw a cyber breach or attack in the previous year.
- Phishing still dominated — 85% of businesses and 86% of charities that identified a breach type said they were hit that way.
- Bigger firms get hit more often and pay more to recover, as the NCSC shifts UK guidance toward passkeys by default.
Cyber breaches are still a normal part of doing business in the UK. That’s the blunt takeaway from the government’s latest survey, which says 43% of businesses reported a breach or attack in the previous 12 months. For medium businesses the number jumps to 67%, and for large businesses it hits 74%. So the headline is bad, but the deeper point is worse — this is not a fringe problem anymore. (gov.uk)

### What does that 43% actually mean?

It comes from the UK government’s Cyber Security Breaches Survey 2025, published on June 19, 2025. The survey tracks cyber resilience across businesses, charities, and some education bodies. The 43% figure covers businesses that identified at least one cyber security breach or attack in the prior year, while charities came in at 30%. (gov.uk)

### Why is the number higher for bigger companies?

Scale cuts both ways. Larger organizations have more staff, more devices, more suppliers, and more accounts to protect. That gives attackers more chances to get in — and it also means bigger firms are more likely(gov.uk) for medium businesses and 74% for large ones, versus a lower rate among small firms that pulls the overall average down to 43%. (gov.uk)

### What kind of attack shows up most?

Phishing, by a mile. Among organizations that could identify the type of breach they faced, 85% of businesses and 86% of charities pointed to phishing. That matters because phishing is still the cheap, scalable entry point f(gov.uk)it keeps working because it targets people and login flows, not just software bugs. (gov.uk)

### Are companies training people enough?

Not really. One of the more revealing details in the government material is how few organizations are doing recent cyber training. A separate official visual summary tied to the 2025 survey says only 19% of businesses and(gov.uk) — if the main attack path is tricking humans, weak training leaves the front door open. (assets.publishing.service.gov.uk)

### What does recovery cost?

The exact bill varies a lot, but the House of Commons Library briefing makes the direction clear: the larger the organization, the more likely(assets.publishing.service.gov.uk)mage when something breaks publicly. (commonslibrary.parliament.uk)

### So why are passkeys suddenly part of this story?

Because phishing keeps beating passwords and traditional MFA. The NCSC has now said it will begin recommending passkeys wherever a service supports them, and 2SV where passkeys are not available. Its recent guidance argues that passkey(commonslibrary.parliament.uk) in the wild, largely because they are far harder to phish or relay. (ncsc.gov.uk)

### Does that fix everything?

No — but it closes one of the most common failure points. Passkeys do not solve bad patching, weak backups, or poor incident response. But if phishing is still the dominant breach route, then changing the login layer is one of t(ncsc.gov.uk)gov.uk)

### Bottom line

The UK is not looking at a sudden cyber spike. It is looking at a persistent baseline of compromise. Nearly half of businesses reporting breaches means the question is no longer whether companies should harden access — it is how fast they can do it. (gov.uk)