Ransomware Attacks Increased by 58% in 2025

January 16, 2026 – Published on The HIPAA Journal

The threat from ransomware is greater than ever, according to a new report from GuidePoint Security.

The cybersecurity firm recorded a 58% year-over-year increase in victims, making 2025 the most active year ever reported by GuidePoint Security. In 2025, GuidePoint Security tracked 2,287 unique victims in Q4, 2025 alone – the largest number of victims in any quarter tracked by the GuidePoint Research and Intelligence Team (GRIT). December was the most active month in terms of claimed victims, which increased 42% year-over-year to 814 attacks. On average, 145 new victims were added to dark web data leak sites every week in 2025, with the year ending with 7,515 claimed victims.

Law enforcement operations have targeted the most active groups, and there have been notable successes; however, they have had little effect on the number of victims, which continues to increase.

Rather than the ransomware-as-a-service (RaaS) landscape being dominated by one or two major actors, law enforcement operations have helped create a highly fragmented ecosystem, with smaller groups conducting attacks in high volume, using repeatable operations. In 2025, GRIT tracked 124 distinct named ransomware groups – a 46% increase from 2024 and the highest number of groups ever recorded in a single year.

Read More HERE.