VendorsSophos
Sophos
Cybersecurity reports and statistics published by Sophos
8 categories5 reports
Research Reports
Reports and publications from Sophos
Recent Statistics & Reports
The proportion of retailers hit by extortion-only attacks tripled from 2% in 2023 to 6% in 2025
11/9/2025•
RansomwareExtortion-only attackRetail
58% of retail organizations with encrypted data paid the ransom in 2025, marking the second highest payment rate in five years
11/9/2025•
RansomwareEncrypted dataRansom
26% of cases in retail saw leadership teams replaced as a result of data encryption in 2025
11/9/2025•
RansomwareLeadershipRetail
46% of retail ransomware incidents were traced to an unknown security gap in 2025
11/9/2025•
RansomwareSecurity gapRetail
The median ransom demand for retail ransomware attacks doubled to $2 million in 2025 compared to 2024
11/9/2025•
RansomwareRansom Retail
53% of companies that paid the ransom successfully negotiated a lower amount than the initial demand.
6/24/2025•
RansomwareRansom
Overall, 63% of organisations cited resourcing issues as a contributing factor to falling victim to a ransomwre attack.
6/24/2025•
Ransomware
Over half (53%) of organisations fully recovered from a ransomware attack in a week, up from 35% last year.
6/24/2025•
RansomwareRecovery
Only 18% took more than a month to recover from a ransomware attack, down from 34% in 2024
6/24/2025•
RansomwareRecovery
Lack of people/capacity was most frequently cited factor for falling for a ransomware attack by those with 251-500 employees.
6/24/2025•
RansomwareTalentStaff
The average cost of recovery from a ransomware attack dropped from $2.73 million in 2024 to $1.53 million in 2025.
6/24/2025•
RansomwareCost
Healthcare reported the lowest median ransom payment at $150,000.
6/24/2025•
RansomwareRansomHealthcare
The median ransom demand decreased by a third between 2024 and 2025.
6/24/2025•
RansomwareRansom
40% of ransomware victims stated that adversaries exploited a security gap they were unaware of, highlighting issues with attack surface visibility.
6/24/2025•
RansomwareVulnerabilities
The median ransom payment dropped by 50% from $2 million in 2024 to $1 million in 2025.
6/24/2025•
RansomwareRansom
In 71% of cases where companies paid a smaller ransom than the initial demand, negotiation played a role, either directly or with third-party assistance.
6/24/2025•
RansomwareRansom
Organisations with $250 million revenue or less saw median ransom demands of less than $350,000.
6/24/2025•
RansomwareRansom
Lack of expertise was the top operational cause of ransomware attacks in organisations with over 3,000 people.
6/24/2025•
Ransomware
44% of companies were able to stop the ransomware attack before data was encrypted, marking a six-year high.
6/24/2025•
RansomwareData encryption
Only 54% of companies used backups to restore their data after a ransomware attack, which is the lowest percentage in six years.
6/24/2025•
RansomwareBackups
Showing 21-40 of 60 results