Asked by: Lisa Smart (Liberal Democrat - Hazel Grove)
Question to the Home Office:
To ask the Secretary of State for the Home Department, what assessment she has made of the performance of the Report Fraud service since its launch in December 2025 including of the (a) average response times to fraud reports, (b) proportion of reports resulting in investigation by local police forces and (c) victim satisfaction compared to the previous Action Fraud service.
Answered by Dan Jarvis - Minister of State (Cabinet Office)
Report Fraud is the new and improved national police reporting service for fraud and cybercrime which replaced the previous Action Fraud service on 4 December 2025.
Report Fraud uses the latest technology to enhance the reporting experience and report updates for victims, and to improve the speed and quality of information shared with police, increasing the chances of successful investigations and prosecutions.
The City of London Police, who oversee the service, have provided data from the service which shows the following improvements compared to the previous service:
Asked by: Nick Timothy (Conservative - West Suffolk)
Question to the Ministry of Justice:
To ask the Secretary of State for Justice, what progress has been made by law enforcement on apprehending those responsible for the Legal Aid Agency cyber attack.
Answered by Sarah Sackman - Minister of State (Ministry of Justice)
Since April 2025 there has been a net increase to the number of providers contracted to deliver legal aid services. The Legal Aid Agency (LAA) publishes data about provider numbers as part of its official statistics (table 9.6). Data for the period April to December 2025 is scheduled for release on 26 March 2026.
The LAA also routinely publishes data about the volume and value of legal aid cases across all legal aid schemes as part of its official statistics. As above, data for the period April to December 2025 is scheduled for release on 26 March 2026.
As set out in my response to PQ 98862, since the serious criminal attack on the LAA’s digital services was identified we have worked closely with relevant law enforcement agencies and Police. As sensitive investigations remain ongoing it would not be appropriate to comment on the nature or detail of this engagement.
Asked by: Saqib Bhatti (Conservative - Meriden and Solihull East)
Question to the Department for Science, Innovation & Technology:
To ask the Secretary of State for Science, Innovation and Technology, what estimate her Department has made of the number of cyber attacks on energy infrastructure.
Answered by Kanishka Narayan - Parliamentary Under Secretary of State (Department for Science, Innovation and Technology)
The government's Cyber Security Breaches Survey shows that 43% of UK businesses reported experiencing a cyber breach or attack within the past year. Within the utilities sector this figure is 48%. The survey does not specifically detail cyber attacks on energy infrastructure.
The National Cyber Security Centre (NCSC) has warned there is a significant and enduring cyber threat faced by the UK’s critical national infrastructure. As part of its routine operations the NCSC works closely with all areas of the UK’s critical national infrastructure to highlight the cyber threat landscape and associated mitigation activities. As noted in its Annual Review (2025) the NCSC has undertaken a wide range of activities to enhance protections for the UK’s energy infrastructure, including delivering technical advice and guidance on cyber security challenges, working directly with key suppliers on cyber security initiatives, and providing additional support to operators of renewable energy assets. The annual review also notes how NCSC has deepened its understanding of cyber maturity in critical national infrastructure, enabling more targeted interventions and strengthening the UK’s ability to identify and eliminate sophisticated threat actors.
The Cyber Security and Resilience (Network and Information Systems) Bill updates the Network and Information Systems Regulations 2018, which includes essential services in the energy sector. The Bill will improve the cyber security of the energy sector and its infrastructure through better resourced regulators to respond to cyber threats, and a stronger mechanism for government to set priority outcomes for regulators to work to.
The incident reporting framework will also be updated through the Bill, including for the energy sector. Under the existing reporting regime, too many significant incidents do not need to be reported, and this creates a gap in the government’s knowledge and ability to protect the UK from harm. A wider range of significant incidents, such as successful ransomware and pre-positioning will need to be reported under the Bill. A light touch, initial notification will also be required within 24 hours of an incident being discovered will enable quicker and more effective support to be provided to organisations.
The Bill will keep pace with an increasingly digitalised and interconnected energy sector by bringing load controllers into scope of the NIS Regulations as a new essential service, where they meet the threshold, ensuring regulation is focused where the risk is greatest.
Asked by: Saqib Bhatti (Conservative - Meriden and Solihull East)
Question to the Department for Science, Innovation & Technology:
To ask the Secretary of State for Science, Innovation and Technology, what assessment her Department has made of the potential merits of creating a cyber incident database with compulsory fixes to be created for energy infrastructure.
Answered by Kanishka Narayan - Parliamentary Under Secretary of State (Department for Science, Innovation and Technology)
The government's Cyber Security Breaches Survey shows that 43% of UK businesses reported experiencing a cyber breach or attack within the past year. Within the utilities sector this figure is 48%. The survey does not specifically detail cyber attacks on energy infrastructure.
The National Cyber Security Centre (NCSC) has warned there is a significant and enduring cyber threat faced by the UK’s critical national infrastructure. As part of its routine operations the NCSC works closely with all areas of the UK’s critical national infrastructure to highlight the cyber threat landscape and associated mitigation activities. As noted in its Annual Review (2025) the NCSC has undertaken a wide range of activities to enhance protections for the UK’s energy infrastructure, including delivering technical advice and guidance on cyber security challenges, working directly with key suppliers on cyber security initiatives, and providing additional support to operators of renewable energy assets. The annual review also notes how NCSC has deepened its understanding of cyber maturity in critical national infrastructure, enabling more targeted interventions and strengthening the UK’s ability to identify and eliminate sophisticated threat actors.
The Cyber Security and Resilience (Network and Information Systems) Bill updates the Network and Information Systems Regulations 2018, which includes essential services in the energy sector. The Bill will improve the cyber security of the energy sector and its infrastructure through better resourced regulators to respond to cyber threats, and a stronger mechanism for government to set priority outcomes for regulators to work to.
The incident reporting framework will also be updated through the Bill, including for the energy sector. Under the existing reporting regime, too many significant incidents do not need to be reported, and this creates a gap in the government’s knowledge and ability to protect the UK from harm. A wider range of significant incidents, such as successful ransomware and pre-positioning will need to be reported under the Bill. A light touch, initial notification will also be required within 24 hours of an incident being discovered will enable quicker and more effective support to be provided to organisations.
The Bill will keep pace with an increasingly digitalised and interconnected energy sector by bringing load controllers into scope of the NIS Regulations as a new essential service, where they meet the threshold, ensuring regulation is focused where the risk is greatest.
Asked by: Saqib Bhatti (Conservative - Meriden and Solihull East)
Question to the Department for Science, Innovation & Technology:
To ask the Secretary of State for Science, Innovation and Technology, what assessment her Department has made of the risk of cyber attacks on energy infrastructure.
Answered by Kanishka Narayan - Parliamentary Under Secretary of State (Department for Science, Innovation and Technology)
The government's Cyber Security Breaches Survey shows that 43% of UK businesses reported experiencing a cyber breach or attack within the past year. Within the utilities sector this figure is 48%. The survey does not specifically detail cyber attacks on energy infrastructure.
The National Cyber Security Centre (NCSC) has warned there is a significant and enduring cyber threat faced by the UK’s critical national infrastructure. As part of its routine operations the NCSC works closely with all areas of the UK’s critical national infrastructure to highlight the cyber threat landscape and associated mitigation activities. As noted in its Annual Review (2025) the NCSC has undertaken a wide range of activities to enhance protections for the UK’s energy infrastructure, including delivering technical advice and guidance on cyber security challenges, working directly with key suppliers on cyber security initiatives, and providing additional support to operators of renewable energy assets. The annual review also notes how NCSC has deepened its understanding of cyber maturity in critical national infrastructure, enabling more targeted interventions and strengthening the UK’s ability to identify and eliminate sophisticated threat actors.
The Cyber Security and Resilience (Network and Information Systems) Bill updates the Network and Information Systems Regulations 2018, which includes essential services in the energy sector. The Bill will improve the cyber security of the energy sector and its infrastructure through better resourced regulators to respond to cyber threats, and a stronger mechanism for government to set priority outcomes for regulators to work to.
The incident reporting framework will also be updated through the Bill, including for the energy sector. Under the existing reporting regime, too many significant incidents do not need to be reported, and this creates a gap in the government’s knowledge and ability to protect the UK from harm. A wider range of significant incidents, such as successful ransomware and pre-positioning will need to be reported under the Bill. A light touch, initial notification will also be required within 24 hours of an incident being discovered will enable quicker and more effective support to be provided to organisations.
The Bill will keep pace with an increasingly digitalised and interconnected energy sector by bringing load controllers into scope of the NIS Regulations as a new essential service, where they meet the threshold, ensuring regulation is focused where the risk is greatest.
Asked by: Liz Jarvis (Liberal Democrat - Eastleigh)
Question to the Home Office:
To ask the Secretary of State for the Home Department, what steps her Department is taking to enhance the accessibility of reporting mechanisms for fraud and cyber crime.
Answered by Dan Jarvis - Minister of State (Cabinet Office)
A new and improved national police reporting service for fraud and cyber crime called Report Fraud went live on 4 December 2025, replacing the previous Action Fraud service. The new service will ensure that victims of fraud have the confidence and trust to come forward, report instances of fraud, and know that their case will be dealt with properly.
Report Fraud will speed up the time it takes to report, inform victims about what has happened or is happening with their report and significantly improve the speed and quality of information provided to law enforcement partners, boosting their chances of successful prosecutions.
Asked by: Joshua Reynolds (Liberal Democrat - Maidenhead)
Question to the HM Treasury:
To ask the Chancellor of the Exchequer, what estimate she has made of the cost to the public purse of cyber attacks in 2025.
Answered by Lucy Rigby - Economic Secretary (HM Treasury)
I refer the hon. Member to the answer given to UIN 102698.
Asked by: Joshua Reynolds (Liberal Democrat - Maidenhead)
Question to the Department for Science, Innovation & Technology:
To ask the Secretary of State for Science, Innovation and Technology, what estimate she has made of the cost of cyber attacks to the economy in 2025.
Answered by Kanishka Narayan - Parliamentary Under Secretary of State (Department for Science, Innovation and Technology)
In November 2025, the government published a set of independent research reports quantifying the impact of cyber attacks on the UK economy. These reports demonstrate the scale of the potential cost of cyber attacks to UK businesses, with KPMG’s report Economic Modelling of Sector Specific Costings of Cyber Attacks estimating the average cost of a significant cyber attack for an individual business in the UK to be almost £195,000. Scaled to an annual UK cost to businesses, this amounts to an estimated £14.7 billion.
The Government has developed tools for businesses to protect themselves, including:
The Government is also taking further action to protect the economy. The Cyber Security and Resilience Bill will boost our cyber defences and better protect our essential services. This year, we will publish a new National Cyber Action Plan setting out how Government will respond to the cyber threat and work with industry to raise resilience across the economy.
Asked by: Al Pinkerton (Liberal Democrat - Surrey Heath)
Question to the Home Office:
To ask the Secretary of State for the Home Department, what steps her Department is taking to help tackle cyber crime in (a) Surrey and (b) Surrey Heath constituency.
Answered by Dan Jarvis - Minister of State (Cabinet Office)
Cyber crime causes huge damage to people and businesses across the UK and is a leading priority for the Government. The Home Office works with our partners across Government and law enforcement, including the National Crime Agency, National Cyber Security Centre (NCSC) and Policing to tackle all cyber threat, including cyber crime.
The Home Office funds the Regional Cyber Crime Units (RCCUs) across England and Wales, tasked with investigating and pursuing serious cyber offenders conducting crime committed in, or against, the UK. This includes the South East Cyber Crime Unit in the South East Regional Crime Unit (SEROCU), which covers Surrey and Surrey Heath. Since 2017, in partnership with local Police and Crime Commissioners, the Home Office has directly funded a national network of specialist officers trained to investigate cyber crime and support local communities in efforts to prevent crimes that occur online.
The South East Cyber Crime Unit is the first in the UK to operate as a fully collaborated unit across the South East Region. It brings together experts from SEROCU, Hampshire and Isle of Wight Constabulary, Thames Valley Police, Surrey Police, and Sussex Police into a single flexible capability. The unit follows the Serious and Organised Crime ‘4P’ model, including Pursue, Prevent, Protect and Prepare, with each force retaining a Pursue Team working collaboratively with regional resources.
Cyber crime is treated as Serious and Organised Crime within SEROCU’s control strategy. The aim is to identify, disrupt, and reduce the impact of cyber criminals as part of the National Cyber Network. SEROCU target offenders profiting from cyber tools or stolen data, carry out work to prevent cyber crime and pursue criminal justice outcomes as appropriate.
Through Protect and Prepare work, SEROCU engage businesses and communities via outreach, webinars, and partnerships to improve cyber security awareness and assist the public and organisations in recovery and resilience. This includes the Cyber Resilience Centre (CRC) for the South East, funded by the Home Office, which offers a package of measures to small and medium-sized enterprises (SMEs), providing tailored advice and long-term support, aligned to National Cyber Security Centre (NCSC) standards, helping these organisations take proactive steps towards improving their cyber security.
Asked by: James McMurdock (Independent - South Basildon and East Thurrock)
Question to the Department for Science, Innovation & Technology:
To ask the Secretary of State for Science, Innovation and Technology, how many cyber-attacks he estimates have been conducted against One Login in the past three years.
Answered by Ian Murray - Minister of State (Department for Science, Innovation and Technology)
The Government does not routinely comment on operational security matters.