The top five ransomware groups — Qilin, Clop, Akira, Play, and SafePay — were responsible for 938 incidents, accounting for nearly 25% of all ransomware attacks in 2025.
The top five ransomware groups — Qilin, Clop, Akira, Play, and SafePay — were responsible for 938 incidents, accounting for nearly 25% of all ransomware attacks in 2025. — This cybersecurity statistic was published by KELA in October 2025. It covers topics including Ransomware, Ransomware groups. The original data appears in KELA Report - National Cybersecurity Report Ransomware.pdf. For the full methodology and detailed findings, refer to the original report.
Share or Copy this stat
Frequently Asked Questions
What does this statistic say?
The top five ransomware groups — Qilin, Clop, Akira, Play, and SafePay — were responsible for 938 incidents, accounting for nearly 25% of all ransomware attacks in 2025. This data was published by KELA and covers Ransomware, Ransomware groups.
Where does this data come from?
This statistic comes from KELA Report - National Cybersecurity Report Ransomware.pdf, published by KELA on October 21, 2025. You can view the original report at https://www.kelacyber.com/resources/research/escalating-ransomware-threats-to-national-security/#resource-form-wrapper.
What cybersecurity topics does this cover?
This statistic relates to Ransomware, Ransomware groups. Browse more statistics on Ransomware or from KELA.