Close this search box.

2024 Cybersecurity Industry Statistics: ATO, Ransomware, Breaches & Fraud


With cybersecurity reports and fraud studies launching almost weekly, it can be hard to keep track of  the latest stats related to account takeover (ATO), ransomware, BEC, fraud, and identity theft. At SpyCloud, we   know our readers need the latest cybersecurity statistics to bolster their case for investing in solutions to combat cybercrime and protect their employees. Here is the latest list of cybersecurity statistics you should know for 2024.

Account Takeover (ATO) Statistics:

Ransomware Statistics:

  • There were 493+ million ransomware attacks globally in 2022. While down 21% year-over-year, some industries saw huge spikes, including finance (+41%). 2023 Sonicwall Cyber Threat Report
  • In the first half of 2023, ransomware attackers extorted $176 million more than the same period in 2022, putting 2023 on track to be the second-costliest year for ransomware in history. Chainalysis Mid-year Update
  • The average cost of a ransomware attack escalated to $5.13 million in 2023, not counting the ransom itself. IBM Cost of a Data Breach Report 2023
  • In 2022, ransomware took over the second spot after denial of service in breach incidents, now being present in 15.5% of all incidents. Meanwhile, the share of ransomware in breaches held statistically steady at 24%Verizon 2023 Data Breach Investigations Report
  • 81% of organizations were affected by ransomware in some capacity over the past 12 months, and 48% of those that were impacted ended up paying a ransom. SpyCloud 2023 Ransomware Defense Report
  • The sector most heavily impacted by ransomware attacks was the construction industry in 2023. eCrime Ransomware and Data Leak Site Report 2023
  • The IC3 received 2,385 complaints in 2022 identified as ransomware, reflecting losses of more than $33.4 million. FBI Internet Crime Report 2022
  • In 2022, the IC3 received 870 complaints regarding ransomware attacks on critical infrastructure organizations, with 14 of the 16 critical infrastructure sectors having at least one member fall victim to an attack. Healthcare was the sector with the most reported attacks. FBI Internet Crime Report 2022
  • A survey of more than 400 CISOs found that ransomware is the top cyber threat most concerning to respondents. The CISOs Report: Perspectives, Challenges and Plans for 2022 and Beyond
  • According to security leaders, the top three perceived riskiest entry points for ransomware are:
    #1 Phishing and social engineering
    #2 Unpatched vulnerabilities
    #3 Third-party or partner connections
    SpyCloud 2023 Ransomware Defense Report
  • More than one-third of North American and European companies who experienced a ransomware event in 2023 had at least one infostealer infection prior to being attacked. SpyCloud 2023 Ransomware Defense Report

Malware Statistics:

Session Cookie Statistics:

Data Breach Statistics:

Business Email Compromise (BEC) Statistics:

Fraud & Identity Theft Statistics:

About SpyCloud: SpyCloud transforms recaptured darknet data to protect businesses from cyberattacks. Our products operationalize Cybercrime Analytics (C2A) to produce actionable insights that allow enterprises to proactively prevent ransomware and account takeover, protect their business from consumer fraud losses, and investigate cybercrime incidents. Our unique data from breaches, malware-infected devices, and other underground sources also powers many popular dark web monitoring and identity theft protection offerings. SpyCloud customers include half of the ten largest global enterprises, mid-size companies, and government agencies  located around the world. Headquartered in Austin, TX, SpyCloud is home to 200 cybersecurity experts whose mission is to make the internet a safer place. 

To learn more and see insights on your company’s exposed data, visit

Recent Posts

Check Your Company's Exposure

See your real-time exposure details powered by SpyCloud.