The fastest ransomware case observed, involving Akira ransomware, takes just three hours from breach to encryption.

The Akira ransomware group was linked to 776 total recorded attacks in 2025.

In Q3 2025, Akira, Qilin, and INC Ransomware accounted for 65% of all ransomware cases investigated by Beazley Security.

In Q3 2025, the Akira ransomware group claimed 167 posts on their public leak site.

In Q3 2025, the Akira ransomware group accounted for approximately 39% of Beazley Security incident response cases.

Akira was responsible for 139 undisclosed ransomware attacks in Q3 2025, representing 9% of all undisclosed ransomware attacks.

Akira had 133 victims (organizations and individuals) in Q2 2025.

During Q3 2025, Akira claimed one healthcare industry organization as a victim on their DLS.

Akira's victim count in Q3 is 212% higher than the same period in 2024.

Akira experienced a single day spike of 20 claimed victims (organizations and individuals) on August 11th 2025.

Akira is among the top 3 ransomware outfits that impact organizations within the Technology vertical.

Akira had 150 victims (organizations and individuals) in Q3 2025.

Akira demonstrated a rise in activity with 13% more victims (organizations and individuals) in Q3 compared to Q2.

Akira was the second most active threat group in June 2025, with 31 attacks, rising from fourth place in May.

Akira has already listed 15% more victims in the first half of 2025 than it did throughout the entirety of 2024.

Akira listed approximately 130 organizations to its data-leak site each quarter in 2025.

Akira showed a 348% rise in the number of organizations named in Q2 2025 compared to the same period last year.

Akira ransomware was the most prolific variant for Coalition policyholders, accounting for 13% of ransomware claims in 2024.

Akira and RansomHub shared second place of most active threat group in March, with 62 attacks each.

Akira was the third most active ransomware group, with 77 attacks in February 2025.