7% of organizations recovered in a day or less after an attack.

75% of organizations saw impact to their data protection infrastructure and storage systems after a cyber attack.

78% of organizations suffered from the inability to access data or IT outages due to an attack (e.g., ransomware, malware, DDoS).

57% of organizations suffered multiple data outages from an attack.

Ransomware group Radiant claimed to have exfiltrated data on over 8,000 children across Kido International's UK sites.

The INC ransomware group exfiltrated 5.7 TB of data from the Pennsylvania Office of Attorney General.

83% of organizations do not have a tested, defined recovery plan.

1 in 4 organizations (25%) were down more than a week from a cyberattack.

4–7 Days was the "normal" recovery time after a cyberattack.

The Pennsylvania Office of Attorney General's systems were taken down across 17 offices statewide.

Ransomware group Radiant published profiles of ten children following a ransomware attack on Kido International.

54% of organizations attacked paid a ransom.

92% of organizations still lost data after paying a ransom.

8% of organizations got all their data back after paying a ransom.

Nearly three in four companies report that the impact of cyber incidents in the past year has been severe or moderate.

56% of healthcare organizations that experienced ransomware attacks say it resulted in delays in procedures and tests.

61% of healthcare organizations say cloud/account compromises increased complications from medical procedures.

36% of healthcare organizations that experienced data loss or exfiltration incidents say it caused delays in procedures and tests that resulted in poor outcomes.

55% of healthcare organizations say data loss or exfiltration incidents impacted patient care.

67% percent of healthcare organizations say ransomware attacks had a negative impact on patient care.