Akira's victim count in Q3 is 212% higher than the same period in 2024.

10% to 15% of revenue was offered as a split for the core operator within the RaaS ecosystem.

The United States accounted for 52.1% of global ransomware victims (organizations and individuals) in the prior quarter (Q2 2025).

IncRansom claimed 14 healthcare organizations as victims in Q3 2025.

Akira experienced a single day spike of 20 claimed victims (organizations and individuals) on August 11th 2025.

Qilin's 234 victims comprised 15% of the total ransomware victims (organizations and individuals) for Q3 2025.

Akira is among the top 3 ransomware outfits that impact organizations within the Technology vertical.

2.60% of global ransomware victims (organizations and individuals) in Q3 2025 were from Italy.

1.46% of global ransomware victims (organizations and individuals) in Q3 2025 were from Brazil.

Ransomware attacks on healthcare organizations accounted for 7.5% of all ransomware attacks in Q3 2025.

One individual's death was directly tied to the Qilin ransomware attack on Synnovis in June 2024.

1.33% of global ransomware victims (organizations and individuals) in Q3 2025 were from Australia.

Qilin's victim count was 234 organizations and individuals.

There were 200 publicly claimed manufacturing organizations that were victims of ransomware attacks in Q2 2025.

22.29% of global ransomware victims (organizations and individuals) in Q3 2025 were from all other countries not specifically listed.

Akira had 150 victims (organizations and individuals) in Q3 2025.

Akira demonstrated a rise in activity with 13% more victims (organizations and individuals) in Q3 compared to Q2.

SafePay impacted 111 organizations and individuals spread across 27 industries and 18 countries in Q2 2025.

Qilin's activity marks a 318% YoY increase.

The Qilin campaign claimed 29 financial organizations headquartered in the Republic of Korea as victims to their DLS in a mid-September Qilin campaign.