Ransomware continues to be the primary cause of large cyber insurance claims, accounting for 60% of the value of claims exceeding €1 million, according to recent data from Allianz Commercial. While attacks are increasing in sophistication and volume, analysis shows that the severity of these claims has decreased by more than 50% and the frequency of large claims has dropped by about 30% during the first half of 2025. This trend is attributed to improved detection and response capabilities among larger companies.
Despite these improvements, Allianz Commercial warns that the risk landscape is expanding. Digital supply chains, stricter privacy regulations, and more advanced social engineering tactics are increasing potential losses for all businesses. Smaller and mid-sized companies are now being targeted more frequently as attackers shift focus away from multinationals.
Michael Daum, Global Head of Cyber Claims at Allianz Commercial, commented: “Several ransomware events have hit the headlines this year, but overall, we see that insured losses from these attacks have decreased in 2025 to date. Insureds’ increased detection and response capabilities are helping to stop some attacks at an early stage. Every step an attacker progresses, and every minute that they are in the system, the impact goes up exponentially. The cost of a ransomware attack that progresses to data theft and encryption can be 1,000 times higher than an incident that is detected and contained early.”
The report notes a rise in double extortion schemes involving both ransom demands and data exfiltration. In the first half of 2025, incidents involving data theft made up 40% of large claim values—an increase from 25% throughout all of 2024—with losses involving stolen data being more than twice as costly as those without.
The retail sector has emerged as one of the most affected industries over the past five years, now ranking third after manufacturing and professional services firms in terms of claim value. Retailers’ high revenues and extensive handling of personal data make them particularly vulnerable to business interruption during cyber incidents.
Non-attack-related incidents such as technical failures or improper handling of data accounted for a record 28% of large claim values in 2024. Companies also face heightened risks from digital supply chain dependencies and sophisticated impersonation attempts targeting employees.
Data from Germany indicates that while cyber-insured organizations saw their loss impact rise by around 70% over four years, overall economic losses due to cybercrime surged by approximately 250%. This gap reflects better risk management practices among insured companies—many driven by insurance requirements—and highlights the effectiveness of prevention services provided by insurers.
Jarrod Schlesinger, Global Head of Financial Lines and Cyber at Allianz Commercial said: “The global cyber insurance market is predicted to more than double to close to US$30bn by the end of the decade, yet penetration remains relatively low. We need to underline that cyber insurance plays an important role in helping build resilience at a time of rapid technological and regulatory change. Many companies remain unaware of the breadth of coverage offered, which can include costs associated with breach response, business interruption, and regulatory fines and penalties.”
Allianz Commercial serves mid-sized businesses as well as large enterprises across various sectors globally through its integrated approach under Allianz Group.
