58% of Retailers Pay Ransom as Cyber Threats Intensify — Sophos Report
KUALA LUMPUR, November 5, 2025 – More than half (58%) of retailers hit by ransomware ended up paying the ransom, according to Sophos’ State of Ransomware in Retail 2025 report. The study found that 46% of incidents stemmed from unknown security gaps, underscoring visibility and preparedness challenges across the retail sector. Median ransom demands doubled to US$2 million, while average payments rose 5% to US$1 million.
Sophos identified Akira, Cl0p, Qilin, PLAY, and Lynx as the most active threat groups targeting retailers. Despite rising ransom demands, data encryption rates have fallen to a five-year low of 48%, suggesting stronger early detection and response capabilities. However, backup recovery rates have declined to 62%, their lowest in four years.
Sophos’ Global Field CISO Chester Wisniewski urged retailers to strengthen visibility, patching, and Managed Detection and Response capabilities to curb future attacks and recover faster from breaches.
Read More News on Latest Malaysia
Read More News on Business News Malaysia
Read More News on SG Business News
Read More News on World Future TV
Oracle is laying off thousands of employees globally to restructure and invest in AI, while…
Wall Street rallies as Iran signals willingness to end war; Dow jumps 1,125 points, oil…
Digital banks move into execution phase as competition intensifies.
SMEs face cost pressures while adapting to growing competition.
Najib Razak ordered to pay SRC International US$1.3 billion for breach of fiduciary duties, misappropriation,…
Backup alone doesn't ensure recovery; organizations must establish clear recovery strategies, targets, and practices for…
This website uses cookies.