European companies faced significantly more cyber incidents in 2025, according to the annual report from cyber insurer Stoïk.
According to the Claims Report from Stoïk, a cyber insurer active in six European countries including Belgium, the number of European cyber claims rose by 150% in 2025 compared to the previous year. This meant the company recorded 2.5 times more claims: 10.6% of customers filed a claim, compared to 4.3% in 2024. This increase demonstrates that cyber risk for European companies is growing rapidly.
The increase is the result of three factors: a growing threat landscape, improved detection capabilities, and a change in reporting behavior among insured companies.
Ransomware and email fraud
Ransomware remains one of the biggest threats to businesses. In 2025, the impact of ransomware attacks was 60% higher than in 2024. Although the number of ransomware claims remained relatively limited, averaging one per week, the financial damage per incident is often substantial. This is partly due to double extortion, where ransom is demanded both for restoring systems and for not publishing stolen data.
Additionally, email-related incidents, such as phishing, classic fraud, and business email compromise (BEC), account for the majority of reported claims. More than half (59.4%) of all cyber claims at Stoïk fall into this category. Notably, 10% of affected companies become victims of a similar incident again within the same year.
SMEs especially vulnerable
According to Stoïk, 2025 was the year in which generative AI was deployed on a large scale by cybercriminals. AI-generated voices and texts make fraudulent emails and invoices more convincing, while real-time context adaptation makes them harder to detect. Companies must therefore continuously train their staff and further secure their processes to prevent abuse.