Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    • Blog
      • /
    • Phishing
      • /
    • Report: 4 in 10 UK Businesses Were Breached by Phishing Last Year

    Report: 4 in 10 UK Businesses Were Breached by Phishing Last Year

    KnowBe4 Team | May 13, 2026

    43% of businesses in the UK reported a breach last year, with phishing driving the vast majority (85%) of these attacks, the Register reports. A survey by the British government found that attacks involving only phishing grew by six percent in 2025.

    “Phishing attacks remained the most prevalent type of breach or attack by far (experienced by 38% of businesses and 25% of charities) and continued to be ascribed as the most disruptive type of breach or attack (69% of businesses and charities that experienced a breach or attack),” the report says. “Among those who experienced a breach or attack, the proportion experiencing phishing attacks only (and no other type of breach or attack) has increased among both businesses (from 45% last year to 51% this year) and charities (from 46% last year to 57% this year). The qualitative interviews highlighted interviewees’ perception that phishing attacks had become easier for attackers to commit, and that this was contributing to what they perceived as an increase in attack volumes.”

    Despite increased publicity surrounding cyberattacks, the survey found that there has been no significant move to increase staff awareness about phishing techniques.

    “Qualitative insights highlighted that recent high-profile cyber attacks in the media had moved the perception risk from cyber attacks and breaches up the agenda within organisations,” “Despite this, staff training and awareness-raising activities remained stable across businesses compared with last year (19% in both 2024/2025 and 2025/2026).

    "There were signs of an increase among large businesses (76% in 2024/2025 to 84% in 2025/2026), but this did not represent a significant change. On the other hand, the proportion of charities running staff training and awareness raising activities has decreased since last year (17% in 2025/2026, down from 21% in 2024/2025), driven by a decline among low-income charities (13% in 2025/2026, down from 18% in 2024/2025).”

    KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 Platform to strengthen their security culture and reduce human risk.

    The Register has the story: Nearly half of UK businesses pwned last year as phishing keeps doing the job like it's 2005

    Topics: Phishing Cybersecurity Email Security

    See KnowBe4 Defend™ in Action

    Learn how Defend™ strategically enhances Microsoft 365's native security to catch the threats Secure Email Gateways (SEGs) miss.

    Request a Demo

    Secure the Digital Workforce: Human + AI

    KnowBe4 empowers the modern workforce to make smarter security decisions every day. Trusted by more than 70,000 organizations worldwide, KnowBe4 is the pioneer of digital workforce security, securing both AI agents and humans. The KnowBe4 Platform provides attack simulation and training, collaboration security, and agent security powered by AIDA (Artificial Intelligence Defense Agents) and a proprietary Risk Score. The platform leverages 15 years of behavioral data to combat advanced threats including social engineering, prompt injection, and shadow AI. By securing humans and agents, KnowBe4 leads the industry in workforce trust and defense.

    KnowBe4 Team

    ABOUT KNOWBE4 TEAM

    The KnowBe4 Team delivers timely, expert-driven insights on cybersecurity trends, emerging threat intelligence, human risk and agent security best practices, compliance strategies and industry research to help organizations strengthen their digital defense layer and stay informed, resilient, and secure.

    Read more from KnowBe4 »

    Subscribe to Our Blog

    Posts By Topic

    View All