www.infosecurity-magazine.com 7/15/2026, 1:22:43 PM · external

Compromised Logins Fuel 79% of Ransomware Attacks, Sophos Reports

Compromised Logins Fuel 79% of Ransomware Attacks, Sophos Reports

A recent report by Sophos reveals that compromised logins have become the leading entry point for ransomware attacks, accounting for 79% of incidents. Initially, malicious emails were the entry point in 26% of cases, a rise from 19% in 2025. Phishing attacks, responsible for 24% of incidents, and brute force attacks, at 23%, followed. The number of attacks exploiting known security vulnerabilities has significantly decreased from 32% to 18%.

Furthermore, organizations typically use their own backups (66%) to recover data from attacks, with the median ransom demand dropping significantly to $698,000. It is suggested that organizations improve identity threat detection and response measures to prevent such attacks.

View full article

Article by CyberSIXT