The single most-cited official UK cyber crime numbers on one page — computer misuse prevalence, recorded fraud and offence counts, the government business breach headline and the NCSC's national attack tally, every figure dated and traced to a primary source.
“How much cyber crime is there in the UK?” has no single answer, because different bodies count different things. This page pulls the four numbers journalists, insurers and compliance teams actually reach for into one maintained hub: the Office for National Statistics' Crime Survey for England and Wales (CSEW) for computer misuse prevalence, the same ONS bulletin for recorded fraud offences, the government's Cyber Security Breaches Survey (CSBS) for the business breach headline, and the NCSC Annual Review for nationally significant attacks. Every figure below states its data period so you can cite it with confidence.
Key facts and figures
- 686,000 computer misuse incidents were estimated by the CSEW in the year ending September 2025 — a 21% fall on the year before (ONS).
- 571,000 of those were unauthorised access to personal information, down 20% year on year (ONS, YE September 2025).
- 61% lower — computer misuse is well below its year-ending-March 2017 peak of around 1.8 million incidents (ONS, YE September 2025).
- 1.4 million fraud offences were recorded in the year ending September 2025, up 12% on the previous year (ONS).
- 43% of UK businesses — around 612,000 firms — identified a cyber breach or attack in 2025/26; 28% of charities (CSBS 2025/26).
- 19% of UK businesses were victims of at least one cyber crime in 2025/26 — roughly 267,000 firms (CSBS 2025/26).
- 204 “nationally significant” cyber attacks were handled by the NCSC in the 12 months to August 2025 — up 130% and about four a week (NCSC Annual Review 2025).
- 444,000+ cases were filed to CIFAS's National Fraud Database in 2025 — a record, with identity fraud the largest category (CIFAS Fraudscape 2026).
All figures on this page are the latest available as of July 2026. The CSEW refreshes quarterly — the year-ending-March 2026 crime bulletin is due around late July 2026 — while the Cyber Security Breaches Survey refreshes each spring and the NCSC Annual Review each autumn, so this page is updated on that cadence.
How much cyber crime is there in the UK each year?
There is no single “total cyber crime” number, so the honest answer combines a household survey with recorded-crime counts. The CSEW estimated around 686,000 computer misuse incidents against adults in England and Wales in the year ending September 2025 (ONS, published early 2026) — a 21% decrease on the previous year. Computer misuse is the survey's term for hacking and malware-type offences, and it is the closest thing to a population-level measure of cyber crime experienced by the public.
Alongside that, the ONS bulletin records fraud, much of which is now cyber-enabled. Total recorded fraud offences reached 1.4 million in the year ending September 2025, a 12% increase on the 1.2 million logged the year before. The two measures move in opposite directions because they count different things: the CSEW captures incidents people experience whether or not they report them, while recorded crime captures what is reported to and logged by the authorities.
For UK organisations specifically, the government's Cyber Security Breaches Survey is the reference point: 43% of businesses and 28% of charities identified a breach or attack in the 12 months to the 2025/26 survey — equivalent to roughly 612,000 businesses and 57,000 charities. That headline is unpacked in full further down this page.
What is computer misuse and how is it measured?
Computer misuse is the offence category the ONS uses for cyber-dependent crime — offences that can only be committed using a computer, such as hacking, unauthorised access to accounts, and computer viruses or malware. It sits under the Computer Misuse Act 1990 and is measured two ways, which is why the figures can look contradictory.
The first measure is the CSEW, a large household survey that asks a representative sample about their experiences. It splits computer misuse into two types: unauthorised access to personal information (including hacking) and computer viruses. Of the 686,000 computer misuse incidents in the year ending September 2025, around 571,000 were unauthorised access to personal information, down 20% year on year (ONS). Because it captures incidents whether or not victims report them, the CSEW is the better guide to how widespread cyber crime actually is.
The second measure is recorded crime — offences referred to the National Fraud Intelligence Bureau and logged. These counts are far smaller than survey estimates because most incidents are never reported, but they show what the reporting and enforcement system is handling. The distinction matters: if you need a prevalence figure, cite the CSEW; if you need a reported-offences figure, cite recorded crime, and always state which one you mean.
| Measure | Latest figure | Change on prior year | Source & period |
|---|---|---|---|
| Computer misuse incidents (CSEW) | 686,000 | −21% | ONS, YE Sept 2025 |
| Unauthorised access to personal info (CSEW) | 571,000 | −20% | ONS, YE Sept 2025 |
| Total recorded fraud offences | 1.4 million | +12% | ONS, YE Sept 2025 |
| Fraud offences recorded by Action Fraud | 62,151 | +29% | ONS, YE Sept 2025 |
| Nationally significant attacks (NCSC) | 204 | +130% | NCSC, 12 months to Aug 2025 |
Sources: ONS Crime in England and Wales, year ending September 2025; NCSC Annual Review 2025.
Is UK cyber crime going up or down?
It depends which crime and which measure — but the headline for cyber-dependent crime is down. CSEW computer misuse fell 21% in the year ending September 2025 and is now 61% lower than the year ending March 2017, when the survey estimated around 1.8 million incidents. On a population-survey basis, hacking and malware offences against the public have been in a long-term decline for most of a decade.
Fraud is the opposite story. Recorded fraud offences rose 12% to 1.4 million in the year ending September 2025, and fraud offences recorded by Action Fraud reached 62,151, up 29% on the 48,305 logged the previous year (ONS). The direction of Action Fraud's own counts also shifts between reporting periods: in the year ending March 2025, Action Fraud recorded 299,046 fraud offences, a 4% decrease on the prior year (ONS Nature of fraud and computer misuse, released 26 March 2026). Different windows tell different stories, which is why a stated data period matters so much with these numbers.
The financial losses behind the fraud figures keep climbing. £629.3 million was stolen through fraud in the first half of 2025, with 17% more cases than in the same period of 2024, following £1.17 billion stolen across the whole of 2024 (UK Finance Half Year Fraud Report 2025). Payment-fraud detail sits with UK Finance rather than this page, but the trend is clear: cyber-dependent crime is falling while fraud, much of it enabled online, is rising.
How many UK businesses and charities are breached?
43% of UK businesses and 28% of charities identified a cyber security breach or attack in the 12 months to the 2025/26 Cyber Security Breaches Survey (fieldwork August to December 2025). That scales to roughly 612,000 businesses and 57,000 charities. Not every breach amounts to a crime: 19% of businesses (about 267,000) and 14% of charities (about 28,000) were victims of at least one cyber crime over the same period, once the survey applies its stricter Home Office Counting Rules definition.
The attack mix is dominated by one method. Phishing was the most common breach type, hitting 38% of businesses, and was rated the most disruptive attack in 69% of cases (CSBS 2025/26) — the full phishing breakdown lives on our phishing statistics UK page. At the other end, ransomware affected 1% of businesses in 2025/26, down from 3% in each of the prior two years; despite the low prevalence it remains among the most damaging attacks, covered on our ransomware statistics UK page. The wider breach picture — including how these attacks translate into reportable personal data breaches — is on our data breach statistics UK page.
How many nationally significant attacks does the NCSC handle?
The NCSC dealt with 204 “nationally significant” cyber attacks in the 12 months to August 2025, up 130% from 89 the year before — about four every week (NCSC Annual Review 2025, published October 2025). “Nationally significant” is the NCSC's own severity threshold: incidents serious enough to demand a coordinated national response, well above routine attacks. A 130% jump in that top tier in a single year is one of the starkest cyber signals in the official data.
Below that threshold, the NCSC's incident management team received 429 reports of incidents requiring support over the year. Together the two counts show the shape of the national workload: a large base of incidents needing help, and a sharply growing peak of the most serious cases. These are national-response counts, not victim-prevalence figures — for how many organisations are affected across the whole economy, the CSBS breach headline above is the right measure.
How much is lost to fraud and identity crime?
Over 444,000 cases were filed to CIFAS's National Fraud Database in 2025 — a record, up 6% — with identity fraud the largest single category at 242,003 cases (CIFAS Fraudscape 2026, covering 2025 data). CIFAS runs the UK's main cross-sector fraud-prevention database, so a record year of filings signals both rising fraud attempts and improved detection. Detailed identity-fraud and CIFAS analysis sits with those specialist sources rather than this page, which keeps to the umbrella counts.
On the money side, £629.3 million was stolen through fraud in the first half of 2025 (17% more cases than H1 2024), following £1.17 billion stolen across the whole of 2024 (UK Finance Half Year Fraud Report 2025). UK Finance is the authority for payment-fraud losses, and its totals should never be quoted as cyber-crime losses alone — much of it is authorised push payment fraud driven by social engineering rather than hacking. The takeaway for this hub: cyber-dependent crime is falling on the survey measure, while fraud losses and filings are rising.
What replaced Action Fraud for reporting cyber crime and fraud?
City of London Police launched a new Report Fraud service on 4 December 2025, with full public launch in January 2026, replacing the long-running Action Fraud brand (gov.uk announcement). Report Fraud is the national reporting point for fraud and cyber crime in England, Wales and Northern Ireland; in Scotland, reports go to Police Scotland. The service is designed to be simpler to use and faster to triage than the system it replaces.
The change matters for anyone citing these statistics. Historical figures are still labelled “Action Fraud” in the ONS bulletins — for example the 62,151 fraud offences recorded by Action Fraud in the year ending September 2025 — because that was the reporting channel during the period measured. As Report Fraud beds in through 2026, expect the ONS to update its terminology, and treat any pre-2026 “Action Fraud statistics” reference as describing the predecessor service. If you have lost money to fraud, report it through Report Fraud (or Police Scotland if you live in Scotland).
Frequently asked questions
How much cyber crime is there in the UK each year?
The best population-level measure is the Crime Survey for England and Wales, which estimated around 686,000 computer misuse (hacking and malware) incidents in the year ending September 2025, a 21% fall on the year before. Separately, 1.4 million fraud offences were recorded over the same period, and 43% of UK businesses identified a cyber breach or attack in the 2025/26 Cyber Security Breaches Survey.
What is computer misuse and how is it measured?
Computer misuse is the ONS category for cyber-dependent crime — hacking, unauthorised access and malware — under the Computer Misuse Act 1990. It is measured by the CSEW household survey (which captures incidents whether or not they are reported) and by recorded crime (offences reported and logged). The CSEW is the better guide to prevalence; recorded crime shows what the enforcement system is handling.
Is UK cyber crime going up or down?
It depends on the crime. Computer misuse is down: the CSEW measure fell 21% in the year ending September 2025 and is 61% below its 2017 peak of around 1.8 million incidents. Fraud is up: recorded fraud offences rose 12% to 1.4 million, and £629.3 million was stolen through fraud in the first half of 2025 alone.
What replaced Action Fraud for reporting cyber crime and fraud?
City of London Police launched the Report Fraud service on 4 December 2025, with full public launch in January 2026. It replaces the Action Fraud brand as the national reporting point for fraud and cyber crime in England, Wales and Northern Ireland; in Scotland, reports go to Police Scotland. Older statistics still carry the “Action Fraud” label because that was the channel in use when the data was collected.
How many serious cyber attacks does the UK face?
The NCSC dealt with 204 “nationally significant” cyber attacks in the 12 months to August 2025 — about four a week and up 130% on the year before — plus 429 incident reports requiring hands-on support (NCSC Annual Review 2025).
Related guides
- Phishing statistics UK
- Ransomware statistics UK
- Data breach statistics UK
- ICO complaints statistics UK
- Cyber security skills gap statistics UK
- GDPR data breach: what to do in the first 72 hours
Sources & references
- ONS — Crime in England and Wales, year ending September 2025 (computer misuse & fraud, quarterly)
- ONS — Nature of fraud and computer misuse in England and Wales, year ending March 2025 (released 26 March 2026)
- DSIT & Home Office — Cyber Security Breaches Survey 2025/26 (fieldwork Aug–Dec 2025)
- NCSC — Annual Review 2025 (12 months to August 2025, published October 2025)
- City of London Police — Report Fraud service replacing Action Fraud (launched 4 December 2025)
- UK Finance — Half Year Fraud Report 2025 (H1 2025)
- CIFAS — Fraudscape 2026 (National Fraud Database, 2025 data)
Most cyber crime that reaches UK organisations starts with a person — a clicked link, a reused password, a mishandled record. Train your team to recognise the threats and handle personal data safely.
Explore the GDPR & Data Protection Course →