24% of UK organisations have a formal policy never to pay a ransom. This figure is double the figure from 2023

Mid-sized companies (defined as 11 to 1,000 employees) constituted 64% of ransomware victims in Q2 2025.

Data exfiltration was a factor in 74% of all ransomware cases in Q2 2025.

The average ransom payment in Q2 2025 rocketed to $1.13 million, marking a 104% increase from Q1 2025.

The industries hit hardest by ransomware in Q2 2025 were Professional services: 19.7%, Healthcare: 13.7%, and Consumer services: 13.7%.

The top ransomware variants in Q2 2025 were: Akira (19%), Qilin (13%), and Lone Wolf (9%).

The median ransom payment in Q2 2025 reached $400,000, which is a 100% increase from Q1 2025.

The overall rate of organizations paying ransoms in Q2 2025 held steady at 26%.

BlackByte, a ransomware strain, had a prevention effectiveness rate of just 26%.

Maori, a ransomware strain, had a prevention effectiveness rate of 41%.

BabLock, another ransomware strain, had a prevention effectiveness rate of 34%.

41% of those who paid a ransom failed to recover all their data.

27% of ransomware incidents involved attackers stealing data.

59% of ransomware non-victims had implemented an email security solution.

25% of successful ransomware attacks led to a loss of new business opportunities.

Just under a quarter (24%) of the ransomware incidents experienced by respondents involved data encryption.

50% of law firms cited phishing as the top cybersecurity concern, a new category this year, surpassing ransomware and user behavior.

57% of the organisations surveyed were affected by ransomware.

29% of ransomware incidents involved infecting devices with other malicious payloads.

27% of ransomware incidents involved attackers publishing data.