89% of organizations that experienced a ransomware attack in the past year paid a ransom to recover their data or stop the attack

Malware and ransomware accounted for 51% of all cyber insurance claims in 2024, up from 32% in 2023.

The proportion of retailers hit by extortion-only attacks tripled from 2% in 2023 to 6% in 2025

62% of retailers who experienced attacks restored their data using backups in 2025, the lowest rate in four years

The average cost of recovering from a ransomware attack in retail, excluding any ransom payment, dropped by 40% to $1.65 million in 2025, the lowest point in three years

46% of retail ransomware incidents were traced to an unknown security gap in 2025

47% of retail IT/cybersecurity teams reported increased pressure after experiencing data encryption in 2025

58% of retail organizations with encrypted data paid the ransom in 2025, marking the second highest payment rate in five years

26% of cases in retail saw leadership teams replaced as a result of data encryption in 2025

The median ransom demand for retail ransomware attacks doubled to $2 million in 2025 compared to 2024

92% of ransomware cases in Europe involved file encryption and data theft in 2025

European organizations accounted for nearly 22% of global ransomware and extortion victims in 2025

Ransomware deployment speed increased by 48% as observed in 2025

Since January 1, 2024, more than 2,100 victims across Europe were named on extortion leak sites

Around 18% of Qilin ransomware cases impacted professional and scientific services.

The number of victims whose information was posted on the Qilin ransomware leak site peaked at 100 cases in June 2025.

In the second half of 2025, the Qilin ransomware group published victim information at a rate exceeding 40 cases per month.

Approximately 23% of all reported cases of Qilin ransomware affected the manufacturing sector.

In 2025, Cisco Talos reported multiple incidents related to Qilin ransomware.

About 10% of Qilin ransomware cases were related to wholesale trade.