Skip to main content

CYBERSTATS

Security Intelligence

HomeTopicsRansomware

Ransomware

Statistics and intelligence on ransomware attacks, trends, and prevention strategies across global organizations.

Related Topics

Threat Actors7Akira5Ransomware Groups5Disclosed Ransomware Attacks4Qilin4Leak sites4

Top Vendors

BlackFog89CROWDSTRIKE79GuidePoint Security70NCC Group65AXA XL48Sophos38

Showing 61-80 of 784 results

The proportion of retailers hit by extortion-only attacks tripled from 2% in 2023 to 6% in 2025

Sophos11/9/2025
Extortion-only attackRetail

58% of retail organizations with encrypted data paid the ransom in 2025, marking the second highest payment rate in five years

Sophos11/9/2025
Encrypted dataRansom

26% of cases in retail saw leadership teams replaced as a result of data encryption in 2025

Sophos11/9/2025
LeadershipRetail

European organizations accounted for nearly 22% of global ransomware and extortion victims in 2025

CrowdStrike11/9/2025
ExtortionEurope

47% of retail IT/cybersecurity teams reported increased pressure after experiencing data encryption in 2025

Sophos11/9/2025
Data encryptionRetail

46% of retail ransomware incidents were traced to an unknown security gap in 2025

Sophos11/9/2025
Security gapRetail

Ransomware deployment speed increased by 48% as observed in 2025

CrowdStrike11/9/2025
Ransomware deploymentEurope

62% of retailers who experienced attacks restored their data using backups in 2025, the lowest rate in four years

Sophos11/9/2025
Encrypted dataBackup

92% of ransomware cases in Europe involved file encryption and data theft in 2025

CrowdStrike11/9/2025
EuropeData theft

The average cost of recovering from a ransomware attack in retail, excluding any ransom payment, dropped by 40% to $1.65 million in 2025, the lowest point in three years

Sophos11/9/2025
Ransom Retail

Since January 1, 2024, more than 2,100 victims across Europe were named on extortion leak sites

CrowdStrike11/9/2025
Extortion leak sitesEurope

The number of victims whose information was posted on the Qilin ransomware leak site peaked at 100 cases in June 2025.

Cisco Talos Blog11/1/2025
Qilin

In the second half of 2025, the Qilin ransomware group published victim information at a rate exceeding 40 cases per month.

Cisco Talos Blog11/1/2025
Qilin

In 2025, Cisco Talos reported multiple incidents related to Qilin ransomware.

Cisco Talos Blog11/1/2025
Qilin

Approximately 23% of all reported cases of Qilin ransomware affected the manufacturing sector.

Cisco Talos Blog11/1/2025
Qilinmanufacturing

Around 18% of Qilin ransomware cases impacted professional and scientific services.

Cisco Talos Blog11/1/2025
Qilin

About 10% of Qilin ransomware cases were related to wholesale trade.

Cisco Talos Blog11/1/2025
Qilinwholesale

Over 40% of organizations reported using AI or automation to support threat detection and alerting in response to a ransomware incident

CROWDSTRIKE10/21/2025
AIRecovery

In 2025, 70.4% of ransomware attacks, totaling 3,310 incidents, were distributed across other regions.

KELA10/21/2025

87% of organizations expect deepfakes to become major attack vectors in future ransomware campaigns.

CROWDSTRIKE10/21/2025
Deepfake