The Rise of The Gentlemen: A Closer Look at Cyber Threat Trends in June 2026
In a recently released report by Check Point Research (CPR), a global leader in cybersecurity, the month of June 2026 marked a significant escalation in cyber threats worldwide, most notably with the rise of a ransomware group known as The Gentlemen. This group's emergence as the most active ransomware actor represents a turning point in the landscape of cyber threats.
The alarming statistics reveal that organizations globally experienced an average of 2,270 cyberattacks per week, a 10% increase compared to May and a staggering 17% year-over-year rise. Such a broad increase in attacks illustrates that threat actors are expanding their activities beyond targeted sectors or regions, indicating a more pervasive threat environment. In Japan, despite a slight decrease to an average of 1,635 weekly attacks, the figure still reflects a 30% increase from the previous year, suggesting a significant uptick in cyber threats within the Asia-Pacific (APAC) region.
Omer Dembinsky, a data research manager at CPR, emphasized that the latest data indicates a resurgence in overall cyberactivity rather than a one-off spike. He noted that attackers are expanding their operational scope across industries and regions, illustrating the ongoing evolution of ransomware groups.
Key Sectors Targeted
June's report highlighted that the education and research sector continued to be the most targeted industry, with an average of 4,816 weekly attacks, reflecting a 16% increase from the previous year. The vulnerabilities in educational networks, characterized by constant turnover of devices and limited security resources, make these institutions attractive targets for cybercriminals. Following closely were the government and military sectors at 2,836 attacks per week (up 5% year-over-year) and the telecommunications industry at 2,835 (up 13%). Together, these sectors constitute a significant proportion of the global cyberattack landscape, a trend that has persisted over recent months.
Regional Cyber Threat Trends
In terms of geographical distribution, Latin America experienced the highest frequency of attacks, averaging 3,501 per organization per week, marking a 27% increase year-over-year. The APAC region followed with an average of 3,060 attacks (up 5%), while Africa recorded a slight decrease to 3,008 attacks per week. Both Europe and North America exhibited considerable increases, with attack rates up 22% and 14%, respectively. This widespread escalation underscores the global nature of contemporary cyber threats and the broadening operational capabilities of attackers.
Rising Concerns Over AI-Related Data Risks
Amid these rising statistics, concerns regarding the data breach risks associated with generative AI remain high. In June 2026, it was reported that one in every 26 generative AI prompts (3.9%) posed a substantial risk of leaking sensitive data. Alarmingly, this risk may potentially affect 85% of organizations that regularly utilize generative AI tools. Moreover, 27% of prompts contained information that could be classified as confidential, as organizations engage with an average of seven different generative AI tools and generate approximately 78 prompts per user each month. Latin America recorded the highest incidence of data breach risks associated with generative AI, with 5.2% of prompts posing such risks, significantly above the global average.
Ransomware Attacks on the Rise
The ransomware attack data for June 2026 revealed a total of 646 reported incidents, a staggering 33% increase from the previous year. The business services sector continued to bear the brunt, accounting for 31% of the total reported incidents. This was followed by the consumer goods and services sector at 16% and manufacturing at 14%. Notably, the government and military sectors saw their share of ransomware incidents increase from 4% in April to 5.4% in June. Another noteworthy observation is that the APAC region has experienced a surge in ransomware incidents, surpassing Europe to become the second-largest affected area after North America.
The Gentlemen: A New Era in Ransomware
Among the most significant developments was the emergence of The Gentlemen as the leading ransomware group in June 2026, involved in 17% of reported attacks, overtaking Qilin, which accounted for 11%. Additionally, LockBit showed a marked increase, rising from 1% to 7% involvement in reported attacks, making it the third most active group. The rapid rise of The Gentlemen illustrates the growing capabilities of new Ransomware-as-a-Service (RaaS) groups to scale operations through affiliate recruitment, initial access, and evolving evasion techniques.
For further detailed insights into June 2026's cyber threats, readers are invited to visit the CPR blog.
Check Point Research continues to serve as a critical resource, providing up-to-date threat intelligence to its clients and the broader threat community. Their efforts aim to discourage hackers while developing effective protection measures based on extensive data analysis collected from various cyberattacks worldwide.
For more information about Check Point Software Technologies, visit their website, where they offer comprehensive cybersecurity solutions and are committed to helping organizations safely embrace AI transformation.