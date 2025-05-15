Companies take an average of four months to report a ransomware attack

No Comments
Ransomware Malware Cyber Attack

A new study from Comparitech, based on data collected from 2,600 attacks between 2018 and 2023, shows the average time for a US company to report a data breach following a ransomware attack is 4.1 months.

From 2018 to 2023, the average time to report a ransomware breach has increased, rising from 2.1 months in 2018 to just over five months in 2023. Healthcare has the lowest reporting time with 3.7 months, while businesses (4.2 months) and government entities (4.1 months) are similar.

The longest known data breach reporting period (38 months) came from a healthcare company which started notifying patients of a July 2020 ransomware attack. Initially, it believed the data breach was limited to one patient but further investigations revealed this wasn’t the case.

Interestingly, law firms have the worst overall average, taking 6.4 months to report a data breach stemming from a ransomware attack. The education sector is not far behind on 6.3 months.

Rebecca Moody, head of data research at Comparitech, notes, "Five months is a long time for people to be unaware their data has potentially been impacted in a ransomware attack. Not only that, but hackers often post victims to their data leak sites within a month of the attack taking place if ransom negotiations fail. Therefore, stolen data may have been on the dark web for four months or more before those whose data is compromised are any the wiser."

Ransomware strains Pysa and LockBit have the highest average reporting periods (6.8 months and 5.7 months, respectively), while among the lowest were Lynx (2.6 months), RansomHub (3.2 months), and Qilin (3.3 months).

Some states mandate specific timeframes for reporting a data breach and these have a slightly lower average reporting period than those without (3.9 months compared to 4.2 months).

You can read more on the Comparitech site.

Image credit: AndreyPopov/depositphotos.com

No Comments
Got News? Contact Us

Recent Headlines

International fraudsters target US government programs

Companies take an average of four months to report a ransomware attack

GenAI vulnerable to prompt injection attacks

Social media platforms are not safe places for queer users according to GLAAD’s latest Social Media Safety Index

GE Cync Dynamic Effects Smart Café Lights bring smart color to patios with Alexa and Google Assistant support

YouTube is turning to AI to hit you with ads at the most annoying times

Chainguard launches malware-resistant dependencies for Python

Most Commented Stories

Say 'no thanks' Microsoft Windows 11 and 'yes please' to AnduinOS 1.3

61 Comments

Nintendo says your Switch 2 isn’t really yours even if you paid for it

26 Comments

Move over Windows 11, Windows 12 is the Microsoft operating system we need

23 Comments

Microsoft has finally relented and is giving Windows 11 users the new Start menu they want

23 Comments

Never mind Windows 11, Commodore OS Vision 3.0 is the retro-inspired OS you didn't know you needed -- download it now!

15 Comments

Ditch Microsoft Windows for ALT Workstation 11: A Russian Linux distro with a modern GNOME desktop

14 Comments

Hackers can now bypass Linux security thanks to terrifying new Curing rootkit

11 Comments

Donald Trump secures China trade deal that may ease smartphone and PC prices

10 Comments

© 1998-2025 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.