Ransomware Attacks Soar 25% in October with Manufacturing as Prime Target
Health & WellnessUS News

Ransomware Attacks Soar 25% in October with Manufacturing as Prime Target

7

TL/DR –

October saw a 25% jump in global ransomware attacks, from 546 in September to 684. The manufacturing sector remained the most targeted, with healthcare also being increasingly targeted. The Qilin ransomware group was the most active, with 186 victims in October alone; the US was the country experiencing the highest number of attacks, with 374 incidents, a 33% increase from September.

Ransomware Attacks Jump 25% in October, Qilin Leads the Charge

Ransomware attacks spiked by 25% in October, according to new data from Comparitech, rising from 546 incidents in September to 684. This indicates a major uptick in attacks, making it the third-highest monthly total for 2025. The manufacturing sector, amounting for almost 19% of reported incidents (121), continues to be the prime target, though attacks on this sector rose only 9% month on month. Significant rises were seen in the healthcare sector, with incidents jumping 115% from 26 in September to 56 in October. Other sectors seeing sharp increases include transportation (109%) and retail (104%).

Ransomware group Qilin has become the most active in 2025, passing 700 attack claims on its data leak site and claiming 186 victims in October alone.

Breakdown of October’s Ransomware Attacks

Of the 684 ransomware attacks recorded in October, 47 were confirmed by the affected parties. These cases included 27 businesses, 10 government organizations, three healthcare companies, and seven educational institutions. Of the remaining unconfirmed attacks, the majority were aimed at businesses (561), with government entities (14), healthcare organizations (53), and educational institutions (8) also targeted.

The most active ransomware groups for the month were Qilin (186 attacks), Akira and Sinobi (70 each), INC (32), Play (26), and DragonForce (20). Qilin also led confirmed attacks with 10, followed by Clop with four and RansomHouse with three. Incidents where hackers revealed data theft details, totaling 315, saw more than 162 terabytes of data reportedly pilfered, averaging around 516 gigabytes per breach.

Global Impact of Ransomware Attacks

The U.S. bore the brunt of the attacks with 374 incidents, a 33% increase from September. Australia and Japan also experienced significant rises in attacks. Meanwhile, Comparitech’s head of data research noted that attacks on healthcare providers skyrocketed by 115% from September to October.

Confirmed attacks in October included targeting of Centre hospitalier intercommunal de Haute-Comté in France, Community Based Support (CBS) Ltd in Australia by Lynx, and Family Health West in the U.S. by Devman, demanding a $700,000 ransom for 120 GB.

Furthermore, attacks on government entities rose by 20%, from 20 in September to 24 in October. Of these, 10 were confirmed, with victims spread across France, Germany, the US, Sweden, and Mexico.

Recognizing the Prolific Activity of Qilin

Qilin claimed a staggering 186 victims in October alone, making it the most active ransomware group. Focusing on confirmed attacks, Qilin claimed 10, including two in South Korea and one each on U.S. healthcare company, MedImpact Healthcare Systems, Inc., and government entities in France and the U.S.

When it comes to data theft, Qilin claimed the most, over 29.8 TB of data, followed by PEAR (25.5 TB) and INC (21.4 TB). Qilin’s attack on North Stonington Public Schools witnessed the biggest data theft in a confirmed attack: 3 TB.

Last week, Cisco Talos identified that Qilin continued publishing victim information on its leak site at an exceptional rate in the second half of 2025. The manufacturing sector remains the most targeted, followed by professional and scientific services and wholesale trade.


Read More Health & Wellness News ; US News

You might also like More from author