FOI reference: FOI-2026-3416
You asked
I am writing to request information under the Freedom of Information Act 2000 regarding cyber security incidents recorded by Department for Science, Innovation and Technology (DSIT) or reported to the Office for National Statistics (ONS) or DSIT.
Specifically, I am requesting data for the period 1 April 2024 to 30 April 2025 (or the nearest available statistical reporting period) regarding:
Volume of Incidents: The total number of recorded cyber security breaches or attacks identified by the ONS or DSIT within its own infrastructure.
Incident Classification: A breakdown of these incidents by type (e.g., phishing, ransomware, unauthorised access, DDoS).
National Statistical Data: If held, the total number of cyber-related crimes or breaches reported across the UK as captured in the ONS "Crime in England and Wales" datasets for this period.
Impact Metrics: Any recorded data on the "days of downtime" or financial remediation costs associated with these breaches.
We said
Thank you for your request.
You have asked about Cyber Security breaches or attacks identified by the Office for National Statistics (ONS) or the Department for Science, Innovation and Technology (DSIT). We do not hold this information pertaining to DSIT, so you may wish to contact them directly for this information.
At the ONS, there have been no Cyber Security incidents that have resulted in a data breach, data loss, or compromise of the organisation in the period stated.
As regards your request for the total number of cyber-related crimes or breaches reported in the UK captured by the statistics we produce, we publish the number of computer misuse incidents (including hacking) experienced by the household population from the Crime Survey for England and Wales (CSEW) in our Crime in England and Wales: Appendix table A1. Please note however, that this does not include hacking offences against businesses and organisations.
We also publish data from the CSEW on fraud and computer misuse within our Crime in England and Wales quarterly appendix tables (tables C1 and C2). These tables also include data from the National Fraud Intelligence Bureau (NFIB) and UK Finance (tables C3 and C4).
More detailed breakdowns from the CSEW are published annually in our Nature of crime: fraud and computer misuse tables. This includes the proportion of incidents of fraud that were flagged as cyber and non-cyber offences (tables 5a to 5d).
Annual data from the CSEW and NFIB data including numbers of incidents and characteristics of victims are presented in our Nature of fraud and computer misuse in England and Wales: appendix tables.
Our statistics only cover England and Wales. Information on crime in Scotland can be found on the Scottish government website or by contacting Justice_Analysts@gov.scot. Information on crime in Northern Ireland can be found on the Northern Ireland Statistics and Research Agency website.
If you have any further questions, please contact us at CrimeStatistics@ons.gov.uk and we will endeavour to help.