Between 2019 and 2023, manufacturing experienced large losses primarily from ransomware (86.7%), followed by other causes (10.0%) and data breaches (3.3%).

Between 2019 and 2023, technology experienced large losses primarily from other causes (38.0%), followed by ransomware (32.0%) and data breaches (30.0%).

In 2025, healthcare breaches took an average of 224 days to detect and another 84 days to contain—making it over 10 months total.

Vision Upright MRI faced a $5,000 fine plus two years of federal monitoring after a server breach exposed over 21,000 individuals' medical imaging records.

In the past year, 17% of organizations experienced a breach.

Phishing attacks now account for over 70% of healthcare data breaches as of 2024.

8% of organisations reported not knowing if they had been compromised by an AI-related breach.

Of those compromised by an AI-related breach, 97% report not having AI access controls in place.

The healthcare sector saw a $2.35 million reduction in costs compared to 2024.

Among organisations that reported recovery following a data breach, most took more than 100 days on average to do so.

One in five organisations (which is 20%) reported a breach due to shadow AI.

Less than half of those that plan to invest in security post-breach will focus on AI-driven security solutions or services.

Nearly half of all organisations reported that they planned to raise the price of goods or services because of a breach.

There was a 21% growth in data breaches in Q2 2025.

85% of organisations are "extremely" or "very" confident in their ability to detect breaches within 24 hours.

Nearly one-third of organisations reported price increases of 15% or more due to a data breach.

Breaches across the healthcare sector take the longest to identify and contain at 279 days, which is more than 5 weeks longer than the global average of 241 days.

36% of organisations experienced a data breach involving identity credentials.

13% of organisations reported breaches of AI models or applications.

There was a significant reduction in the number of organisations that planned to invest in security following a breach: 49% in 2025 compared to 63% in 2024.