Question to the Department for Digital, Culture, Media & Sport:

To ask the Secretary of State for Culture, Media and Sport, whether her Department's cyber security department investigated the recent hacking of Yahoo in order to inform its policies; and whether the Government plans to introduce a mandatory reporting requirement for breaches of that type.

The cyber security of the UK is a top priority for the Government, which is why we are investing £1.9bn in our five year National Cyber Security Strategy. The National Cyber Security Centre (NCSC) is the Government's centre of expertise in cyber security, providing a unified source of advice, guidance and support, including the management of cyber security incidents. When a significant cyber security incident occurs, the NCSC works collaboratively with Government agencies, departments and industry to assist the victim and ensure any lessons learned from serious incidents are actively communicated to the sector affected and fed into policymaking. A full investigation into the Yahoo security breach is taking place in the US, UK and Ireland.

The forthcoming General Data Protection Regulation will introduce a system of mandatory breach reporting. The Government is working with the Information Commissioner's Office and industry on how best to implement these changes.