Financial Services Ransomware Statistics

The manufacturing industry accounted for 456 ransomware incidents totaling approximately $284.6 million in reported payments, while the financial services industry accounted for 432 incidents totaling approximately $365.6 million, and the healthcare industry accounted for 389 incidents totaling approximately $305.4 million.

51% of leaders at financial services firms say they are unprepared to recover effectively from a Ransomware attack.

The Qilin campaign claimed 29 financial organizations headquartered in the Republic of Korea as victims to their DLS in a mid-September Qilin campaign.

The average duration business operations were affected by ransomware in financial services was 33 days.

Between 2019 and 2023, financial services experienced large losses primarily from data breaches (40.9%) and ransomware (40.9%), followed by other causes (18.2%).

The U.S. accounts for 60% of all ransomware attacks against financial institutions.

The U.S. and U.K. together represent over 70% of ransomware attacks.

There were 191 disclosed ransomware victims in the financial sector in 2023.

Nearly one-third (26.6%) of finance threat actors are attributed to "Other", which includes emerging or short-lived groups, highlighting a more fragmented and unpredictable ransomware landscape.

As of mid-2025, only 55 ransomware victims have been disclosed in the financial sector.

There were 156 disclosed ransomware victims in the financial sector in 2024.

The average response time to ransomware attacks is 6.71 hours among financial institutions. Last year's average response time to ransomware attacks was 6.62 hours.

Ransomware remains the greatest threat (46%) to financial organisations.