The Qilin group was responsible for 20 ransomware incidents in Q3 2025.

Qilin was responsible for 16% of ransomware cases in Q3 2025..

51% of leaders at financial services firms say they are unprepared to recover effectively from a Ransomware attack.

1131 undisclosed ransomware attacks were recorded in Q3 2023.

The number of unreported ransomware attacks in Q3 2025 showed a 21% increase compared with the same period in 2024.

270 publicly disclosed ransomware attacks were reported in Q3 2025 - 36% increase compared to the same quarter in 2024.

Ransomware attacks in the healthcare sector accounted for 32% of all incidents in Q3 2025.

The healthcare sector experienced 86 ransomware attacks.

Reported ransomware attacks in July 2025 led with a sharp 50% year-on-year surge.

In Q3 2025, 54 ransomware groups were linked to attacks.

Manufacturing accounted for 22% of all undisclosed ransomware attacks in Q3 2025.

The services sector experienced 333 ransomware incidents in Q3 2025.

Across 449 dark web victim listings where details were available, the average data volume exfiltrated was 527.65GB in Q3 2025.

The construction sector suffered 143 ransomware attacks between July and September 2025.

Only 3% of undisclosed ransomware cases included an upfront ransom demand in Q3 2025.

The legal sector recorded 79 attacks, its highest level yet, in Q3 2025.

Qilin was responsible for 242 undisclosed ransomware attacks in Q3 2025, representing 16% of all undisclosed ransomware attacks.

Ransomware groups targeted organizations in 93 countries worldwide in Q3 2025..

Reported ransomware attacks in September 2025 rose by 27%.

The government sector reported 28 ransomware attacks in Q3 2025.