Dataminr Report: Cyber Risk Shifted in 2025 with Increased Threat Actor Activity and Mega-Loss Events

The 2025 cyber‑risk landscape has fundamentally restructured, as Dataminr’s latest report documents an unprecedented 225% jump in monthly threat‑actor alerts. Over 5,000 actors generated more than 18,000 ransomware signals and two million domain‑impersonation events, underscoring the scale of the threat. Identity theft has become the dominant vector, with nearly a third of breaches exploiting valid credentials—a trend amplified by an 84% rise in infostealer malware and AI‑powered social engineering tactics that automate credential harvesting at scale.

Beyond sheer volume, the financial stakes have escalated dramatically. Although ransomware incident counts have plateaued, the loss per incident has surged, producing clusters of attacks that surpass $100 million and, in rare cases, breach the $1 billion threshold. These mega‑loss events are often multi‑vector, blending credential theft, data exfiltration, and operational disruption, while one in four breaches now leverages third‑party supply‑chain weaknesses. Such systemic attacks erode traditional perimeter defenses and demand a holistic, cross‑organizational security posture.

In response, the report advocates purpose‑built AI platforms that can ingest, correlate, and act on real‑time threat intelligence. By reducing dwell time and automating response workflows, AI helps security teams stay ahead of rapidly evolving tactics. For enterprises and government agencies alike, integrating interconnected intelligence with AI is no longer optional—it is a strategic imperative to mitigate the growing risk of catastrophic cyber losses and preserve business continuity in an increasingly hostile digital environment.