Behind the numbers, real people suffered. In June 2024, an attack on a blood-test provider, Synnovis, harmed 170 patients and caused one of the first deaths officially linked to ransomware1 . The Frederick Health cyberattack in January 2025 exposed 934,000 highly sensitive patient records2 . In April 2025, a ransomware attack wiped more than $930 million from Marks & Spencer’s market value3 . And in June 2025, attacks on Kettering Health and Nucor disrupted 14 hospitals across Ohio and forced temporary shutdowns at steel production facilities4,5.