In 2024, 95 Indian companies were the victim of data theft attempts, becoming India the second most targeted country in the globe, according to a research by cyber intelligence firm CloudSEK.

Due to its economic supremacy and digital infrastructure, the US was the most targeted nation with 140 attacks in 2024, followed by India, where data from 95 companies was compromised, according to the company's ThreatLandscape Report 2024, which was based on data monitoring in the dark web.

"India: Rapid digitization exposed 95 entities, making it the second most attacked nation," the report said.

Israel ranked third out of 57 organizations that experienced assaults as a result of geopolitical tensions.

"The threat actors impacted various sectors in India, with the finance and banking sectors experiencing the highest number of victims at 20.

This was followed by the government sector with 13 victims, telecommunications with 12, and the healthcare and pharma and education sectors with 10 and 9 victims, respectively," the report said.

The main breaches, according to the report, were 2 TB of data from Telecommunications Consultants India, 850 million records of Indian citizen data that were leaked from Hi-Tek Group, and customer data from Star Health and Allied Insurance.

The study states that 108 ransomware attacks were reported nationwide.

"Lockbit was the most active ransomware group in India, being responsible for over 20 incidents in the country, followed by more than 15 targets by Killsec. Ransomhub ransomware was responsible for over 12 incidents in the country," the report said.

CloudSEK highlighted companies must fix identified vulnerabilities to close gaps and prevent exploitation in the face of changing threats. Businesses should also use AI-powered solutions to identify and address threats instantly; multi-factor authentication, network segmentation, and privileged access control should all be put into place. It's also critical to create a reaction strategy to minimize downtime during an attack. Companies also need to interact with public-private networks to share intelligence and raise cybersecurity awareness within teams.