New Report Reveals True Extent Of Ongoing Ransomware Threat To Organizations

Globally, Ransomware Gangs Had Confirmed Success Against 1,204 Organizations in 2024

Globally, across 2024, ransomware gangs had confirmed success against 1,204 organizations, with another 4,257 attacks claimed by the cybercriminals responsible as published on their data leak sites but without acknowledgment from the alleged victims. That’s just the tip of the ransomware threat iceberg, according to a detailed analysis published on Jan. 9.

Comparitech End-of-Year Ransomware Report Reveals Shocking Statistics

The Comparitech end-of-year ransomware report makes for truly shocking reading when the raw numbers are absorbed:

* Just taking into account the confirmed attacks, some 195,414,994 records were compromised, and ransoms totalling $133.5 million were paid, with the average being an astonishing $9,532,263.
* The 195.4 million records breached, although this number is still rising apparently, is lower than that for 2023 when 261.5 million records were known to have been exfiltrated.

Ransomware Gangs Responsible for Attacks

When it comes to the gangs responsible, by far the most prolific was RansomHub with 89 confirmed attacks, then LockBit on 83, Medusa on 62 and Play with 57 confirmed.

Biggest Attacks of 2024

According to the report, the biggest attacks were:

* Change Healthcare–100 million people are estimated to have been affected by the ALPHV/BlackCat attack.
* LoanDepot—16.9 million said to be affected, also in an ALPHV/BlackCat attack.
* MediSecure—with 12.9 million affected, although the ransomware group remains unattributed.
* Izumi Co., Ltd—7.8 million affected by another unattributed group.
* Evolve Bank & Trust—7.6million people affected by this LockBit attack.

Ransomware Attacks by Sector

Comparitech categorized ransomware attacks into four sectors: business, education, government, and healthcare. “The only sector that looks set to see a decrease in attacks from 2023 to 2024 is education,” Rebecca Moody, Comparitech’s head of data research and author of the report, said, “in 2023, we logged 188 attacks on educational institutions, such as schools and universities. This dropped to 116 in 2024. All of the other sectors will be on a steady year-on-year trend once all breaches have been reported.”

The Ransomware Landscape in 2025

Although Moody conceded that predicting the ransomware landscape is notoriously tricky, that doesn’t prevent some intelligence-inspired deductions about the threat landscape from being drawn.

“At the start of last year, it seemed as though ransomware figures were declining,” Moody said, “but figures started to skyrocket again toward the end of the year.” Based on these figures, Moody said that it’s “highly likely we’ll continue to see large-scale attacks” across 2025. These attacks will, Moody warned, “either cause widespread disruption to companies and/or see troves of data being stolen.”

Conclusion

The ransomware threat is far from over, and organizations must remain vigilant to protect themselves against these attacks. The report highlights the need for robust cybersecurity measures, including regular backups, employee education, and incident response planning.

FAQs

Q: How many organizations were affected by ransomware attacks in 2024?
A: 1,204 organizations had confirmed success against them, with another 4,257 attacks claimed by the cybercriminals responsible.

Q: How many records were compromised in 2024?
A: Some 195,414,994 records were compromised, with the average ransom being $9,532,263.

Q: Which ransomware gangs were most prolific in 2024?
A: RansomHub was the most prolific, with 89 confirmed attacks, followed by LockBit on 83, Medusa on 62 and Play with 57 confirmed.