United States
US #1 Most TargetedRansomware victim intelligence profile ยท Ranked #1 globally ยท Updated: Apr 4, 2026
Ransomware Threat Profile: United States
United States ranks #1 globally for ransomware attacks, with 7,029 confirmed victims in this database โ representing 42.1% of the worldwide total. The most active ransomware groups targeting United States include Akira, Play, Qilin.
The most frequently targeted industries in United States are Business Services, Manufacturing, Technology. The healthcare sector is particularly vulnerable because attacks on hospitals and medical providers can create life-threatening situations, increasing pressure to pay ransoms quickly.
United States's attack volume reflects broader trends in ransomware targeting: as one of the world's largest economies with extensive digital infrastructure, United States presents a high-value target environment with many large organisations, diverse industries, and significant data assets that ransomware groups seek to exploit.
Organisations in United States should consider the active threat groups documented here when assessing their cybersecurity posture, implementing detection rules, and prioritising incident response planning.
Recent Victims in United States (20 cached of 7,029 total)
| # | Organization | Group | Sector | Date |
|---|---|---|---|---|
| 1 | Community Connections | Incransom | โ | Apr 4, 2026 |
| 2 | Advanced Vehicle Assemblies | Nightspire | Manufacturing | Apr 4, 2026 |
| 3 | coronapa.com | Incransom | โ | Apr 3, 2026 |
| 4 | Harman Fitness | Netrunner | Consumer Services | Apr 3, 2026 |
| 5 | Bo.. and Br..e | Silentransomgroup | โ | Apr 3, 2026 |
| 6 | Community College of Beaver County | Interlock | Education | Apr 3, 2026 |
| 7 | Westamerica Communications | Akira | Telecommunication | Apr 3, 2026 |
| 8 | Charles River Insurance | Akira | Financial Services | Apr 3, 2026 |
| 9 | Woodland Trade | Akira | โ | Apr 3, 2026 |
| 10 | American Vintage Home, Briggs Plumbing Products, Genco Manufacturing, American Vintage Hom... | Akira | Manufacturing | Apr 3, 2026 |
| 11 | Southeastern Conference of Seventh-day Adventists | Nightspire | Education | Apr 3, 2026 |
| 12 | Siena Construction | Nightspire | Construction | Apr 3, 2026 |
| 13 | Neptune Mechanical, Inc. | Nightspire | Manufacturing | Apr 3, 2026 |
| 14 | roodtrucking.com | Incransom | Transportation/Logistics | Apr 3, 2026 |
| 15 | Asmar Schor & McKenna | Dragonforce | โ | Apr 3, 2026 |
| 16 | Faulkner County Sheriff's Office | Qilin | Public Sector | Apr 2, 2026 |
| 17 | Wolf Technology Group | Nova | Technology | Apr 2, 2026 |
| 18 | *****d **d**** ****o** | Insomnia | โ | Apr 2, 2026 |
| 19 | The Center for Hearing & Speech | Interlock | Healthcare | Apr 2, 2026 |
| 20 | cesimaging.com | Dragonforce | Technology | Apr 2, 2026 |
Frequently Asked Questions
How many ransomware attacks have occurred in United States?
United States has recorded 7,029 ransomware victim disclosures in this database, ranking #1 globally. This represents 42.1% of all tracked ransomware attacks worldwide.
Which ransomware groups target United States?
The ransomware groups most active in United States are Akira, Play, Qilin, Clop. These groups collectively account for the majority of victim disclosures attributed to United States.
Which industries are most targeted by ransomware in United States?
In United States, the most frequently targeted sectors are Business Services, Manufacturing, Technology. These industries hold valuable data and often have critical operational requirements that make them attractive ransomware targets.
How does United States rank globally for ransomware attacks?
United States ranks #1 globally for ransomware attacks with 7,029 victim disclosures, representing 42.1% of the worldwide total of 16,710 tracked victims.
How can organisations in United States protect against ransomware?
Organisations in United States should implement a layered security approach including regular offline backups, network segmentation, multi-factor authentication, endpoint detection and response (EDR) tools, and employee security awareness training. Monitoring threat intelligence feeds for active groups targeting United States is also recommended.