The majority of 2024 cyber insurance claims (60%) originated from business email compromise (BEC) and funds transfer fraud (FTF) incidents.

System infiltration accounted for 7% of cyber claims. This excludes extortion and data breach events.

Looking at specific periods, Q3 2024 experienced the second-highest level of activity in cyber claims recorded since 2020. Activity in Q3 2024 rose 14% on Q3 2023.

Ransomware claims in 2024 declined by 31% compared to 2023.

Akira ransomware was the most prolific variant for Coalition policyholders, accounting for 13% of ransomware claims in 2024.

Black Basta accounted for just 3% of all ransomware claims in 2024.

The average ransom demand in 2024 was $1.1 million.

March 2025 held the highest volume of public ransomware cases of all time.

Ransom demands from threat actors decreased by 22% year-over-year (YoY) in 2024.

Cyber insurance claims frequency decreased by 7% year-over-year (YoY).

FTF (funds transfer fraud) claims frequency decreased by 2% YoY.

Although the amounts paid by UK ransomware victims continued to rise in 2024, extortion negotiations involving ransomware experts remained generally effective, often resulting in reductions of over 60% from the initial demands to the final payment.

Data breaches accounted for 17% of claims. This includes hostile and accidental external breaches, but excludes extortion.

Ransomware cyber insurance claims frequency decreased by 3%.

Financial fraud remained the most common incident type, accounting for 32% of all claims.

4 of 5 (83%) financial fraud claims began with email.

Overall claims frequency increased by 16% in 2024.

84% of agents understand the value of personal cyber insurance.

71% of agents report either pricing or breadth of coverage as the most important decision criteria for their clients purchasing personal cyber insurance.

56% of insurance agents reported that their customers don’t understand or agree with the value of cyber insurance.