Cyber Insurance Claims Surge Amid Rising Ransomware Threats and Scams

Post Views: 8

The Rise of Cyber Insurance Claims

The 2026 Cybersecurity Report from At-Bay highlights a significant surge in cyber insurance claims, driven primarily by ransomware, fraud, and lawsuits.

Ransomware on the Rise

According to the report, which covers over 100,000 policy years of claims data, the number of cyber insurance claims has risen by 7% year-over-year, with an all-time high average severity of $221,000 per claim.

The report states that “ranging from $200,000 to $500,000” is the typical cost of ransomware attacks.

Ransomware claims, in particular, have seen a sharp increase, with an average severity of $508,000, up 16% from the previous year.

Remote Access Vulnerabilities

Remote access vulnerabilities have emerged as a dominant entry point for ransomware attacks, with 87% of ransomware claims in 2025 originating from remote access services.

Adam Tyra, CISO for Customers at At-Bay, said: “We’re seeing more and more attacks coming through remote access infrastructure.”

This trend is attributed to improvements in security filtering, which have pushed attackers towards remote access infrastructure. In fact, one-third of ransomware claims involved a SonicWall device, with the group’s average ransom demand reaching $1.2 million, 50% higher than non-Akira demands.

Akira Ransomware

Akira ransomware frequency jumped 364% in the third and fourth quarters of 2025, with attacks moving at an unusually fast pace, often occurring within hours or minutes of initial access.

Of the Akira victims that avoided encryption, every one had 24/7 managed detection and response monitoring in place.

However, two-thirds of Akira attacks occurred at night or on weekends, leaving organizations without round-the-clock coverage with limited opportunity to disrupt the attack chain.

Financial Fraud

In addition to the rise in ransomware claims, the report highlights an increase in financial fraud, which accounted for approximately 30% of claims for the third consecutive year.

Attackers have moved towards routing malicious links through trusted cloud platforms, such as Cloudflare, which appears in 69% of abused infrastructure alerts analyzed by At-Bay’s monitoring team between September 2025 and March 2026.

Cyber Insurance Claims by Industry

The report also notes that businesses under $25 million in revenue saw the steepest changes in the portfolio, with ransomware frequency rising 21% year-over-year and average ransomware severity climbing 40% to $422,000.

Cyber Insurance Recovery Rates

Businesses that alerted At-Bay within three days saw some funds returned 70% of the time, with recovery rates dropping to 53% at four to fourteen days and falling below 30% after that.

The insurer’s claims team recovered $56 million in stolen funds during 2025.

Third-Party Liability Claims

Third-party liability claims rose 70%, the largest increase among tracked incident types, with lawsuits tied to the California Invasion of Privacy Act making up 34% of third-party liability claims.

CIPA cases have expanded beyond Meta Pixel to cover tracking tools from TikTok and other vendors, with 69% of 2025 cases involving non-Meta Pixel technology.