IT Brief New Zealand - Technology news for CIOs & IT decision-makers
New Zealand

Guides

#
artificial intelligence
#
digital transformation
#
disaster recovery
#
hybrid & remote work
#
internet of things

Search

Moody cyber attack control room ai data breaches global globe
#
Firewalls
#
Data Protection
#
Ransomware

AI data leaks fuel surge in global cyber attacks

Thu, 11th Dec 2025
Author image
By Sean Mitchell, Publisher

Global cyber attacks reached an average of 2,003 a week per organisation in November, according to new figures from Check Point Research. The level marked a 3% rise on October and a 4% increase from a year earlier.

The data shows continued growth in hostile activity against corporate and public networks. It links the trend with rising ransomware operations and new risks from generative artificial intelligence tools.

AI data risks

Check Point Research examined enterprise use of generative AI tools. It found increasing exposure of sensitive and regulated information.

In November, one in every 35 prompts sent to generative AI tools from enterprise networks carried a high risk of data leakage. This affected 87% of organisations that use generative AI on a regular basis.

The researchers said these prompts often contained confidential business information. The data included internal communications, customer records, proprietary software code, and personal identifiers.

They also found another 22% of prompts contained potentially sensitive information. The analysis suggests widespread staff use of AI tools for everyday work tasks.

Organisations used an average of 11 different generative AI tools each month. Most of those tools likely fell outside formal security and governance processes.

This pattern increases the chance of accidental data exposure. It also expands the surface that criminals can target in phishing, extortion, or AI-assisted intrusion campaigns.

Sectors under fire

The education sector remained the most attacked globally in November. Institutions in the sector experienced an average of 4,656 attacks per organisation each week. That was a 7% year-on-year increase.

Government organisations were the next most targeted. They faced 2,716 weekly attacks per organisation on average, up 2% from a year earlier.

Associations and non-profit bodies saw the sharpest growth rate. They averaged 2,550 attacks per organisation per week, a 57% increase year-on-year.

These figures suggest that both public services and civil society groups face sustained digital pressure. Many of these organisations run older systems or have limited security budgets.

Regional differences

Latin America recorded the highest regional attack volumes. Organisations there experienced an average of 3,048 weekly attacks each, a 17% rise compared with a year earlier.

Attack levels in the Asia-Pacific region were broadly flat. The year-on-year change was a decline of 0.1%.

In Africa, weekly attacks per organisation fell 13% compared with November last year. Europe saw a modest 1% decline in attack volumes.

North America went in the opposite direction. The region reported a 9% year-on-year increase in attacks. Check Point linked this in part with more intense ransomware activity.

Ransomware surge

Ransomware remained one of the most disruptive threats. There were 727 publicly reported ransomware incidents worldwide in November. That marked a 22% increase compared with the same month last year.

North America accounted for 55% of these reported cases. Europe represented 18% of the global total.

The United States remained the primary national target. It saw 52% of all reported ransomware incidents.

The United Kingdom accounted for 4% of cases. Canada made up a further 3%.

Industrial manufacturing organisations were the most affected sector by share of victims. They accounted for 12% of reported ransomware incidents.

Business services firms were the next most impacted group with 11% of cases. Consumer goods and services companies followed, at 10%.

The report identified three leading ransomware groups during the month. Qilin and Clop each accounted for 15% of victim disclosures. Akira followed with 12%.

Calls for prevention

Check Point Research said the combination of broader attack volumes, ransomware growth, and AI-related data exposure reflects a shift in attacker methods.

"November's data shows that along with the overall number of attacks continuing to rise, we see additional concern in the increasing sophistication behind these operations. The combination of ransomware growth and GenAI-related data exposure provides attackers with more tools and opportunities to execute damaging campaigns. The only effective approach is prevention-first, powered by real-time AI and proactive threat intelligence to block attacks before they cause harm," said Omer Dembinsky, Data Research Manager, Check Point Research.

Check Point Research said it will continue to track attack trends and ransomware groups. It plans further updates on emerging AI-related risks as enterprise use of generative tools grows.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
How AI helps neurodivergent professionals showcase their strengths
Rubrik unveils sovereign cloud to keep sensitive data local
Pax8 hires former Microsoft leader to drive APAC growth
Capture The Bug adds US tech leaders for North American push
Cloudflare buys Human Native to reshape AI data deals

Top stories

Elyos AI raises USD $13m to scale trade service agents
One NZ begins phased 3G shutdown, starting Dunedin
Logitech maps five key trends for the hybrid office
NZ launches AI advisory pilot for small businesses
Cloudflare: outdated apps stifle APAC AI investment gains