The average ransomware demand soared 70% to $4.24 million last year, while the average payment was up 36% to $682,702. Meanwhile, phishing remains the leading root cause of data-security incidents, accounting for 30%, according to the 12th annual “Data Security Incident Response Report” released late Thursday by the law firm BakerHostetler.

The report, entitled “The Risk Remains (Mostly) the Same,” draws on information and insights gained in guiding the national law firm’s clients through more than 1,250 data breaches and related security compromises. Health care was the biggest affected industry at 27% of incidents, followed by finance and insurance at 18%, business and professional services at 15%, and the retail, restaurant, and hospitality sectors at 11%.

The largest ransom demand in 2025, as cited by BakerHostetler was $98 million, while the largest paid ransom was $5.65 million, well under a $20-plus million payment in 2024. But the average paid ransom rose by more than a third from 2024’s average of $501,338.

The leading types of compromises cited in BakerHostetler’s client incidents were network intrusions at 47% and business email compromises, 32%. Five other types of compromises all accounted for under 10% each.

While phishing was the root cause of nearly one-third of incidents, the cause of some 19% was unknown. Unpatched vulnerabilities accounted for 10%. At 8% each were social engineering and human error/unintended recipients.

Meanwhile, it’s no surprise that the rapidly growing adoption of artificial intelligence is showing up in data-security incidents. At first, AI seemed mainly to be enhancing the effectiveness of phishing, but now it’s more than that, according to the report’s authors.

“When we began analyzing matter data in December 2025, AI’s role in incidents appeared limited,” the report says. “However, as we approached our March 2026 publication date, we clearly passed a tipping point. AI is moving beyond serving as just an ‘enhancer’ for phishing: it is moving toward more sophisticated social engineering support and automation, and we are now seeing the rise of ‘vibe hacking’ and autonomous coordination between agentic AIs.”

BakerHostetler cites a report from AI developer Anthropic, creator of Claude AI, in which the company disrupted fraudsters using Claude Code to automate reconnaissance, credential harvesting, and network penetration in one month’s time against approximately 17 organizations in multiple industries

Of the 1,250-plus data incidents BakerHostetler handled for clients in 2025, some 68 resulted in one or more lawsuits. Seven incidents involved payment card data, while 59 involved Social Security numbers. Many others involved medical information or health-care organizations