Between 2019 and 2023, manufacturing experienced large losses primarily from ransomware (86.7%), followed by other causes (10.0%) and data breaches (3.3%).

In 66.0% of data breach cases since 2019, the company’s own IT team or outsourced service providers discovered the attack.

Phishing attacks now account for over 70% of healthcare data breaches as of 2024.

In 2025, healthcare breaches took an average of 224 days to detect and another 84 days to contain—making it over 10 months total.

In the past year, 17% of organizations experienced a breach.

Vision Upright MRI faced a $5,000 fine plus two years of federal monitoring after a server breach exposed over 21,000 individuals' medical imaging records.

The healthcare sector saw a $2.35 million reduction in costs compared to 2024.

Of those compromised by an AI-related breach, 97% report not having AI access controls in place.

8% of organisations reported not knowing if they had been compromised by an AI-related breach.

Among organisations that reported recovery following a data breach, most took more than 100 days on average to do so.

One in five organisations (which is 20%) reported a breach due to shadow AI.

Less than half of those that plan to invest in security post-breach will focus on AI-driven security solutions or services.

Nearly half of all organisations reported that they planned to raise the price of goods or services because of a breach.

There was a 21% growth in data breaches in Q2 2025.

85% of organisations are "extremely" or "very" confident in their ability to detect breaches within 24 hours.

Nearly one-third of organisations reported price increases of 15% or more due to a data breach.

Breaches across the healthcare sector take the longest to identify and contain at 279 days, which is more than 5 weeks longer than the global average of 241 days.

36% of organisations experienced a data breach involving identity credentials.

13% of organisations reported breaches of AI models or applications.

There was a significant reduction in the number of organisations that planned to invest in security following a breach: 49% in 2025 compared to 63% in 2024.