Ransomware
Cybersecurity statistics about ransomware
Showing 81-100 of 972 results
68% of organisations have raised budgets for post-breach remediation and ransom payments.
Among organizations hit by ransomware where operations or data were affected, only 28% fully recovered all affected data.
Akira, a Ransomware-as-a-Service operation that has run since 2023, drove a 53% increase in ransomware frequency in the second half of 2025.
Ransomware accounted for about 90% of total incurred losses in Resilience's manufacturing insurance portfolio over the past five years.
In 2025, one in three ransomware claims triggered business interruption coverage.
Ransomware claims that triggered business interruption coverage averaged $510K in severity, compared to $168K for ransomware claims without business interruption.
Two-thirds of Akira attacks in 2025 occurred on nights or weekends.
Akira ransom demands averaged $1.2M, which is 50% higher than the non-Akira average.
In 2025, total ransomware payments fell 23%.
The ransom payment rate in healthcare is 68%–72% compared with about 40% in other sectors.
59% of cyberattacks on healthcare organizations involve ransomware.
Ransomware represented only 12% of claim volume among manufacturers despite accounting for the majority of incurred losses.
Ransomware victim post rates averaged approximately 150–200 per week in Q1 2026 and remained steady quarter-over-quarter and year-over-year.
51% of observed ransomware victims in Q1 2026 were based in the United States; the United Kingdom and Canada each accounted for 4%.
The construction industry experienced 131 ransomware victims in Q1 2026, a 44% year-over-year increase.
The Gentlemen ransomware group increased from 35 victims in Q4 2025 to 182 victims in Q1 2026.
46% of security decision makers identify ransomware attacks as a leading concern, 44% identify cloud environment breaches, 37% identify email compromise, 37% identify data theft, and 35% identify supply chain compromise.
Activity from the Qilin ransomware group declined by 25% and activity from the Akira ransomware group declined by 22%.
In 2025, the U.S. accounted for roughly one-third of global ransomware incidents.
In 2025, approximately 12.8% of B2B financial organizations experienced ransomware.