Recent Breaches
Breaches
View All →
Home/Research/UK Ransomware Tracker

UK Ransomware Tracker

A free, citable dataset of disclosed ransomware and major data-breach incidents affecting UK organisations. Compiled by Firevault from ICO disclosures and verified press reporting. Updated quarterly.

6 UK incidents tracked. Cite as: Firevault UK Ransomware Tracker, fire-vault.com, accessed 3 July 2026.

Organisation Sector Date Records Type Source
NHS Scotland 2026 Undisclosed Ransomware Source
Marks & Spencer

Major UK retailer suffered cyber attack affecting millions of customers

Retail 2025 9.4M Cyber Attack BBC News
Co-operative Group

UK supermarket chain hit by significant cyber attack

Retail 2025 Undisclosed Cyber Attack BBC News
Jaguar Land Rover

Luxury car manufacturer targeted in cyber attack

Automotive 2025 Undisclosed Cyber Attack Reuters
Royal Mail

LockBit ransomware attack disrupted international mail services for 6+ weeks

Logistics 2023 Operations halted Ransomware BBC News
British Library

Rhysida ransomware attack caused £7M in damages and months of disruption

Public Sector 2023 Undisclosed Ransomware The Guardian

Methodology

Incidents are added when (a) the affected organisation has a UK presence and (b) the breach is confirmed by the organisation, the ICO, or two independent press sources. Data is reviewed and corrected continuously; corrections welcome at research@fire-vault.com.

    Firevault

    Firevault is Offline Secure Storage. Hardware you own, physically disconnected by default, with KYC-verified access. Ransomware-proof by design, not by patch.

    © 2026 Firevault Limited. Disconnect to Protect®