The Growing Challenge of Cybercrime in the UK

Tayyaba Taimur, LLB Law

Just over four in ten businesses (43%) and three in ten charities (30%) reported having experienced a kind of cybersecurity breach or attack in the last 12 months. 

A cybersecurity breach is an incident that results in unauthorized access to a system bypassing its security controls, ultimately causing privacy concerns and security violations. Although fewer businesses reported a cyber breach in the past year, this is primarily due to a decline in the number of identified phishing attacks. Nevertheless, the prevalence of cyber breaches and attacks among medium and large businesses remains high, approximately 67% for medium-sized businesses and 74% for large ones.

The rising number of cyberattacks in the UK has exposed widespread vulnerabilities across all sectors, emphasizing the urgent need for stronger cybersecurity measures and greater investment in digital resilience. Recent high-profile attacks, including those on Co-op and Harrods, serve as a wake-up call, demonstrating the growing sophistication of cybercriminals and the pressing demand for improved protection nationwide.

In April 2025, M&S fell victim to a ransomware attack that disrupted the IT network, services, and led to the theft of both customer and employee data. This breach resulted in compromised private data, the suspension of online orders, and empty shelves due to logistical issues.

The hacking group responsible was identified as Scattered Spiders, a decentralized hacking group known for its sophisticated social engineering tactics and financially motivated attacks against large corporations. Bypassing the multi-factor authentication system, the group was able to successfully get around M&S’ security.

The Metropolitan Police and the National Crime Agency launched an investigation into the attack and made several arrests. 

In the weeks following the M&S attack, the same hacking collective targeted other major companies, including Co-op and Jaguar Land Rover. Co-op's internal security systems were breached through a similar ransomware strain, which encrypted customer service databases and temporarily disabled digital payment functions across several stores nationwide. Some employers even reported being locked out of internal communication networks. 

Around the same time period, Jaguar Land Rover confirmed that sensitive employee records and confidential supplier information had been leaked. Further investigations revealed that Scattered Spider was responsible for this breach as well. 

Another such example of the alarmingly increasing rate of cyber attacks in the UK, occurred in May 2025; when the UK’s Legal Aid Agency (LAA) suffered a major cyberattack that exposed the personal data of thousands of individuals, some of whom had been associated with the agency as far back as 2007. Although there has been no hacking collective officially identified as responsible. 

In response, the government announced a £20 million investment to modernise the LAA’s outdated systems. Temporary measures were also introduced, including deadline extensions and a return to paper-based processes, to ensure continued access to legal aid services while digital systems remain compromised.

The Cyber Security and Resilience Bill, proposed in 2025, aims to broaden regulations to cover more sectors, enforce stricter incident reporting, and give regulators stronger powers to enhance the UK’s cyber defenses and resilience against evolving threats. The bill is part of the government’s broader effort to modernise outdated frameworks and improve the UK's resilience to growing and increasingly sophisticated cyberattacks