The State of Ransomware 2025

A total of 276 publicly disclosed ransomware incidents occurred from April to June 2025.

April experienced a 51% increase in publicly disclosed ransomware attacks year-on-year, with a total of 89 attacks.

There was a 63% increase in publicly disclosed ransomware attack volumes in Q2 2025 compared to Q2 2024.

The retail sector saw its highest ever Q2 2025 ransomware attack volumes, with publicly disclosed incidents jumping by 58% compared to Q1 2025.

The healthcare sector was the most targeted with 52 publicly disclosed ransomware attacks between April - June 2025.

May had a 40% increase in publicly disclosed ransomware attacks year-on-year, with a total of 91 attacks.

95% of publicly disclosed ransomware attacks involved the theft of sensitive information.

The Construction, Hospitality, and Arts and Entertainment sectors reported their highest ever Q2 2025 ransomware attack volumes.

June 2025 saw a 113% increase in publicly disclosed ransomware attacks year-on-year, with a total of 96 attacks.

The government sector was the second most targeted for ransomware, with 45 publicly disclosed attacks between April - June 2025.

80.9% of all ransomware attacks go unreported.

There were 1,446 undisclosed ransomware attacks in Q2. This marks a 19% increase in undisclosed attacks compared to the same quarter in 2024.

The services industry was the hardest hit among undisclosed attacks, accounting for 23% (337) of all undisclosed attacks in Q2 2025.

The services industry was the third most targeted for ransomware, with 33 publicly disclosed attacks between April - June 2025.