• Wed. Oct 18th, 2023

Even Without Accepting the Ransom Demanded by Attackers, the Costs of Data Loss are Rising

Avatar photo

ByEsme Greene

Jul 1, 2023
Data loss costs rise despite not paying ransom
Esme Greene
Latest posts by Esme Greene (see all)

Companies have long suffered losses due to data loss, especially when attacks with ransomware are involved. 

Nevertheless, the price companies must pay is rising not only as a result of the ransom requested by hackers but additionally as a result of the expense of researching crimes and the litigation that increasingly result from such breaches.

The US law firm Baker Hostetler found that the number of ransomware occurrences started to fall in early 2022, but towards the end of the year and in early 2023, their number climbed rapidly once more. This was related to increased ransomware demands as well as larger total payouts.

In the previous year, the biggest financial ransom requested by the hackers totaled over $90 million, while the biggest payment made by the compromised company was in excess of $8 million. Both results ($60 million and $5.5 million, respectively) fared better than 2021 figures.

Average Ransomware Demands

The average ransom paid rose from $510,000 in 2021 to $600,000 in 2022, albeit it was still less than the peak of $795,000 in a pandemic-wracked 2020.

Studies show that 40% or more of ransomware victims typically pay the demanded sum. These statistics are all based on more than 1,160 data security events that BakerHostetler attorneys looked into.

The numbers partly conflict with data from the chain analysis business. Published in January, it stated that victims’ refusal to pay ransom was a major factor in the overall amount of funds given to ransomware organizations falling from nearly $766 million in 2021 to nearly $455 million last year. 

Given that BakerHostetler noted an increase in cash buyout expenses during that time, it is likely that the Chainalysis data did not include data for the end of 2022.

Both the US Federal Bureau of Investigation and the UK’s National Cybersecurity Center have already made it known that they oppose paying ransom to cybercriminals.


Scientists from BakerHostetler found that businesses that boost their level of safety through EDR-solutions and data backup considerably decrease the dangers and potential costs than those businesses that forgo security because they think everything is in order.

In the meantime, the overall cost of legal investigations into data leaks has dramatically increased—even without paying a ransom to attackers. Average investigative expenditures for the top 20 network intrusions of 2022 went from $445,926 in 2021 to $550,987 in 2022, a 24 percent increase.

Avatar photo

Esme Greene

Esme brings a wealth of knowledge and experience to our website, specializing in all aspects of DarkWeb security. With a deep understanding of the intricate workings of the DarkWeb and its associated cybersecurity risks, Esme curates insightful and informative content for our readers.