The State of Ransomware in Education 2025

441 IT and cybersecurity leaders from the education sector share the realities of ransomware today

The report examines and compares how the causes and consequences of ransomware attacks on both lower (for students up to age 18) and higher (over 18) education providers have evolved over time.

It also uncovers new insights into the organizational weaknesses that leave educational institutes exposed, and the human toll on the IT and cybersecurity teams battling these threats.

Report

Drawing on the real-world experiences of 243 lower and 198 higher education providers hit by ransomware in the past year, the report explores:

  • Why education providers fall victim: A deep dive into the technical and organizational root causes of attacks.
  • What happens to the data: A look at encryption rates and how education providers are managing data recovery.
  • Ransom demands and payments: How institutions respond to financial pressures.
  • The fallout from ransomware attacks on IT teams: An exploration of the human impact of incidents.

PDF - Download the 2025 State of Ransomware Report in Education

waves-dot-transparent-bg