Ransomware
Cybersecurity statistics about ransomware
Showing 101-120 of 972 results
86% of Akira attacks occurred in environments where a SonicWall device was present.
Akira accounted for more than 40% of all ransomware claims in At-Bay’s portfolio for the full year.
Roughly one in 10 ransomware incidents caused downtime exceeding 30 days.
The largest single business interruption claim hit $5M, the policy limit.
In 2025, the Qilin group was responsible for 12.8% of ransomware attacks.
In 2025, ransomware groups claimed 7,809 victims, a 27.3% year-over-year increase.
Among organizations victimized by ransomware, the share that paid a ransom increased from 41% to 55%.
Among organizations that paid ransoms, 61% successfully recovered their data, up from 54% the previous year.
64% of organizations experienced a ransomware attack in the past year.
The manufacturing sector experienced a 61% year-over-year surge in ransomware attacks in 2025, the sharpest growth of any industry.
Among organizations hit by ransomware where operations or data were affected, 44% recovered less than 75% of affected data.
Ransomware attacks among businesses have declined compared with the previous two years (1% this year down from 3% in both 2024/2025 and 2023/2024)
The popularity of the other groups in last year’s top five fell significantly this year, with LockBit 3.0 moving from first to 35th, RansomHub from second to eighth, and Hunter’s International from fifth to 28th.
Business services remained the most targeted sector by ransomware in March 2026, accounting for 35% of ransomware victims, followed by consumer goods & services (14%) and industrial manufacturing (13%).
Akira and Play, ranked as second and third most prolific ransomware groups, respectively.
January remains least active month for ransomware activity.
Individual extortion demands in healthcare reached as high as $4 million in the first half of 2025.
In March 2026, 672 ransomware attacks were reported globally. This represents an 8% decrease year over year, yet a 7% increase compared to February
Ransomware negotiation discounts of 50%–75% often take 20–60 days of negotiations.
North America was the most affected region by ransomware in March 2026, accounting for 55% of reported incidents, followed by Europe at 24% and APAC at 12%.