Extortion-Only Attacks Rise, Shift Focus to Data Theft
๐ Insurers report a marked increase in extortion-only incidents where attackers rely on data theft rather than encryption. Resilience found that 65% of extortion claims in H2 2025 did not involve encryption, and data theft accounted for 87% of ransomware claims by year-end. The report warns that paying for data suppression is unreliable, with 30โ40% of paid cases still resulting in leaks, and recommends prevention, tabletop exercises, and pre-incident legal and response retainers.
