Belgium
BERansomware victim intelligence profile ยท Ranked #19 globally ยท Updated: May 28, 2026
Ransomware Threat Profile: Belgium
Belgium ranks #19 globally for ransomware attacks, with 120 confirmed victims in this database โ representing 0.7% of the worldwide total. The most active ransomware groups targeting Belgium include Qilin, Akira, Killsec.
The most frequently targeted industries in Belgium are Business Services, Technology, Manufacturing. The healthcare sector is particularly vulnerable because attacks on hospitals and medical providers can create life-threatening situations, increasing pressure to pay ransoms quickly.
Belgium's attack volume reflects broader trends in ransomware targeting: the volume of attacks reflects the country's integration into the global economy and the proliferation of ransomware operations that target organisations of all sizes worldwide.
Organisations in Belgium should consider the active threat groups documented here when assessing their cybersecurity posture, implementing detection rules, and prioritising incident response planning.
Recent Victims in Belgium (20 cached of 120 total)
| # | Organization | Group | Sector | Date |
|---|---|---|---|---|
| 1 | ettp.be | Safepay | โ | May 6, 2026 |
| 2 | C2O Architects | Thegentlemen | Business Services | May 6, 2026 |
| 3 | Fabritius | Thegentlemen | Manufacturing | May 6, 2026 |
| 4 | vanheyghenstaal.be | Apt73 | Agriculture and Food Production | Apr 27, 2026 |
| 5 | isosl.be | Apt73 | Manufacturing | Apr 27, 2026 |
| 6 | Anderlues | Thegentlemen | Manufacturing | Apr 19, 2026 |
| 7 | Asaniverko | Spacebears | Business Services | Apr 14, 2026 |
| 8 | Fountain | Dragonforce | Consumer Services | Apr 1, 2026 |
| 9 | Efficy - 43gb leaked | Coinbasecartel | Technology | Mar 30, 2026 |
| 10 | nandrin.be | Lockbit5 | Public Sector | Mar 30, 2026 |
| 11 | Fondation Boghossian | Qilin | โ | Mar 27, 2026 |
| 12 | Louise Medical Center | Qilin | Healthcare | Mar 26, 2026 |
| 13 | Netwerk NV | Ailock | Business Services | Mar 7, 2026 |
| 14 | Abutriek | Qilin | โ | Mar 5, 2026 |
| 15 | Evolutive Systems | Qilin | Technology | Feb 26, 2026 |
| 16 | Symeta | Coinbasecartel | Technology | Feb 24, 2026 |
| 17 | Efficy | Coinbasecartel | Technology | Feb 16, 2026 |
| 18 | Van Eycken | Akira | Manufacturing | Jan 22, 2026 |
| 19 | Soapeople | Payoutsking | Technology | Jan 14, 2026 |
| 20 | jefar.be | Lockbit5 | Business Services | Dec 26, 2025 |
Frequently Asked Questions
How many ransomware attacks have occurred in Belgium?
Belgium has recorded 120 ransomware victim disclosures in this database, ranking #19 globally. This represents 0.7% of all tracked ransomware attacks worldwide.
Which ransomware groups target Belgium?
The ransomware groups most active in Belgium are Qilin, Akira, Killsec, Ransomhub. These groups collectively account for the majority of victim disclosures attributed to Belgium.
Which industries are most targeted by ransomware in Belgium?
In Belgium, the most frequently targeted sectors are Business Services, Technology, Manufacturing. These industries hold valuable data and often have critical operational requirements that make them attractive ransomware targets.
How does Belgium rank globally for ransomware attacks?
Belgium ranks #19 globally for ransomware attacks with 120 victim disclosures, representing 0.7% of the worldwide total of 18,180 tracked victims.
How can organisations in Belgium protect against ransomware?
Organisations in Belgium should implement a layered security approach including regular offline backups, network segmentation, multi-factor authentication, endpoint detection and response (EDR) tools, and employee security awareness training. Monitoring threat intelligence feeds for active groups targeting Belgium is also recommended.