Hundreds of thousands of Britons are falling victim to hackers each year, with new government figures revealing cybersecurity breaches remain rampant across the country despite warnings from authorities.
Over 612,000 UK businesses and 61,000 charities experienced some form of cyberattack or security breach in the past year, according to the Government’s Cyber Security Breaches Survey 2025. The alarming statistics show 43 per cent of companies suffered incidents, whilst medium and large enterprises face even greater risks with 70 per cent and 74 per cent respectively reporting breaches.
The figures come as major British retailers including Marks and Spencer, Co-op and Harrods have been hammered by devastating cyberattacks this year, with M&S alone losing £300 million in market value following a ransomware assault that crippled its online operations for 46 days.
Cybersecurity experts are now urging victims to act immediately and methodically when they discover they’ve been hacked, warning that swift action can mean the difference between minor inconvenience and catastrophic data loss.
The National Cyber Security Centre has issued clear guidance for individuals and businesses hit by hackers, emphasising that the first crucial step is disconnecting affected devices from the internet to prevent ongoing data theft or malware spreading to other systems.
Security specialists warn victims must run comprehensive antivirus and anti-malware scans before attempting to change any passwords, as malicious software can capture new credentials as they’re typed. This critical mistake could hand hackers fresh access to accounts that weren’t previously compromised.
Once devices are confirmed clean, victims should immediately change passwords for email, banking, social media and other important services using a separate, uncompromised device. Email accounts should be the top priority, as attackers controlling email can reset passwords for numerous other accounts.
Cybersecurity professionals strongly recommend using unique, complex passwords for each account, ideally managed through password manager software, and enabling multi-factor authentication wherever available. Multi-factor authentication remains one of the most effective defences against account takeovers.
Victims should thoroughly inspect email account settings for malicious forwarding rules, suspicious recovery addresses or unfamiliar connected applications, removing any unauthorised access immediately. Checking device sign-ins and revoking access for unrecognised devices or applications is equally vital.
For services offering activity logs, such as Google or Microsoft accounts, experts advise downloading or screenshotting evidence of suspicious logins, which can prove invaluable when reporting incidents to authorities or service providers.
Anyone discovering their financial accounts, payment cards or banking details have been exposed or used fraudulently should contact their bank immediately to report the fraud and request cards be frozen or replaced. All unauthorised transactions must be documented and reported through the bank’s official fraud procedures.
Serious incidents including ransomware attacks should be reported to national cyber authorities. In Britain, the NCSC provides guidance and support for both individuals and organisations, whilst Action Fraud handles criminal reports of cyber-enabled crime.
For systems suffering file encryption or suspected deep compromise, cybersecurity professionals advise restoring from verified clean backups or completely reimaging machines rather than attempting repairs. Trying to fix heavily compromised systems often leaves hidden backdoors that hackers can exploit later.
Victims should also check whether their email addresses or passwords appear in public breach databases and immediately change passwords on any exposed services to prevent credential stuffing attacks.
The average cost of cybercrime excluding phishing now stands at £990 per business, rising to £1,970 when zero-cost responses are excluded, according to government data. However, cyber-facilitated fraud carries significantly higher financial burdens, averaging £5,900 or £10,000 excluding zero responses.
Phishing remains the most prevalent attack method, with 85 per cent of affected businesses citing it as their main source of disruption. Security experts are increasingly concerned about sophisticated artificial intelligence-driven impersonation techniques making these attacks harder to detect.
After dealing with the immediate threat, victims must remain vigilant as criminals frequently attempt follow-up scams using stolen information. All phishing attempts or fraudulent contact should be reported to relevant service providers.
Keeping software and security tools updated, documenting everything and retaining copies of messages and receipts can prove crucial if law enforcement or insurers require evidence. Those whose sensitive personal data was exposed should consider enrolling in fraud monitoring or identity theft protection services.
The survey revealed troubling trends in corporate cybersecurity governance, with board-level responsibility for cyber defence declining from 38 per cent in 2021 to just 27 per cent in 2025, despite 72 per cent of businesses claiming cybersecurity remains a high priority.
Matt Cooke, cybersecurity strategist at Proofpoint, warned the decline in board-level oversight is particularly worrying, stating cyber security cannot be treated as an afterthought by anyone in an organisation, particularly those controlling budgets and business priorities.
Follow for more updates on Britannia Daily
