Financial services
We've curated 174 cybersecurity statistics about Financial services to help you understand how evolving threats like phishing, data breaches, and advanced fraud techniques are reshaping the industry in 2025.
Showing 1-20 of 174 results
Reported ransomware incidents targeting finance increased 30% from 2024 to 2025.
Direct ransomware attacks on financial institutions spiked 76% year-over-year in Q1 2026.
Across all financial services vendors, 50.2% carry high-severity CVEs.
The number of distinct threat groups targeting finance increased from 37 in 2023 to 45 in 2024 and to 48 in 2025.
Qilin was responsible for 59 finance-sector incidents in the past year.
From 2024 to 2025, the number of critical vulnerabilities carried across vendors serving the financial sector increased 387%.
54% of the 140 vendors whose client base is meaningfully concentrated in finance carry at least one vulnerability listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
Banks reported 71 ransomware disclosures in 2023 compared to 44 disclosures by investment firms, while by 2025 banks fell to 36 disclosures and investment firms rose to 84 disclosures (41.6% of all incidents).
Critical-level patch management failures were present in 78% of the 140 vendors whose client base is meaningfully concentrated in finance.
Among the 140 vendors whose client base is meaningfully concentrated in finance, critical vulnerabilities increased 181%.
Financial services applications faced a 91% attack rate in 2026, the highest recorded for any vertical.
FAMOUS CHOLLIMA doubled its operations using AI-generated identities to infiltrate cryptocurrency exchanges, fintech platforms, and consumer banks.
DPRK-nexus actors stole a reported $2.02 billion in digital assets across the financial services sector in 2025.
Financial service organizations outside of banking require 24 days to remediate exposures.
Hands-on-keyboard intrusions against financial institutions spiked 43% globally and 48% in North America over the past two years.
423 financial services organizations appeared on dedicated leak sites, marking a 27% year-over-year increase.
36% of financial services organisations and 36% of IT & technology organisations report modernising most or all core systems, compared with 12% of public sector organisations and 19% of industrial organisations
Financial services accounted for 24% of all bot attacks and 46% of account takeover incidents.
Telnet exposure in financial services is 12%, up from 3%.
77% of bank leaders are concerned about fraud and scams targeting their employees and organization.