Site visit to Jaguar Land Rover's supplier, Webasto.

The Holiday Downtime Report 2025: Key trends, costs, and lessons from past year’s biggest IT outages

Written by:
Adam Moore for Digi Infrastructure Management
December 3, 2025
Jacob King // PA Images via Getty Images

The Holiday Downtime Report 2025: Key trends, costs, and lessons from the past year’s biggest IT outages

The cost of unplanned downtime increases annually, with businesses across every industry niche exposed to potentially ruinous expenses. The causes of outages vary along with recovery costs, so it’s vital for organizations of all sizes to carry out reconnaissance and learn from the calamities others have faced in this context.

The dangers of downtime and the likelihood of it occurring increase during peak periods of activity. As the holidays approach, it’s especially useful to reflect on the most prominent incidents that occurred last year, with a view to preventing them as 2025’s busiest season begins.

To that end, the team at IoT solutions provider Digi Infrastructure Management put together an overview of serious outages from 2024 and 2025 across several key sectors, including the trends they point toward, the costs incurred, and what can be gleaned from the fallout.

Retail Downtime

One of the most prominent outages in this sector in the last 12 months involved Ahold Delhaize, a multinational retail company that suffered a cyberattack in November 2024.

With over 2,000 stores nationwide, including many Stop & Shop locations, and sales exceeding $14.49 billion in the U.S alone, the attack disrupted both brick-and-mortar transactions and e-commerce operations.

The outage was traced to Food Lion, one of its sub-brands, with the repercussions impacting the organization for more than seven days. This included issues with its pharmacy services, with reports of customers being unable to pay with debit cards in some instances.

In April 2025, the company confirmed via a statement that the downtime caused by the attack also resulted in direct data theft. The perpetrators, reportedly affiliated with INC Ransom, stole as much as 6 terabytes of private information.

Subsequently, the group threatened to sell the data if certain, undisclosed demands were not met. It was subsequently confirmed that 2.2 million people had their data exposed in the attack.

While the costs incurred by Ahold Delhaize during this downtime and the subsequent ransom negotiations have not been made public, it is reasonable to assume that they amount to tens of millions of dollars. IBM’s most recent data breach research suggests the average cost of individual incidents is $4.4 million. Coupled with the in-store disruptions and reputational damage to its sub-brands, Ahold Delhaize’s incident serves as a cautionary tale for the entire industry.

Aside from the likely expense of this outage, it highlights the trend for interconnected systems to leave retailers exposed to wide-ranging disruption, even if the source of the original breach is localized. As soon as one IT asset becomes compromised, others may fall, or must be taken offline as a precaution.

Manufacturing Downtime

The toll taken by downtime in manufacturing is just as prominent and problematic as in retail, and the root causes of the costliest incidents are also shared.

The daily cost of downtime in this sector is estimated at $1.9 million, with the cost of ransomware attack-related downtime for manufacturers over a five-year period pegged at $17 billion. In terms of duration, outages associated with ransomware typically take around 11 days to resolve, although the most severe instances can persist for months.

The most prominent example actually comes from 2025, and the full extent of the damage done will take some time to quantify. The U.K.-based automaker Jaguar Land Rover suffered more than four weeks of downtime following a cyberattack in September, with losses exceeding $68 million suffered for each week its manufacturing operations were on pause.

This incident demonstrated not only the startling costs one company can incur as a result of downtime but also the knock-on effects of a significant manufacturing shutdown that ripples down the supply chain. More than 5,000 companies were affected by JRL’s outage, resulting in cumulative costs of over $2.55 billion.

The combination of lost earnings and recovery expenses will impact the manufacturer for half of this total, with the rest falling on suppliers, partners, and the broader economy.

As with the retail industry, lessons manufacturers can learn from this include the importance of business continuity planning in the face of persistent and pressing cyber threats. While an organization like JRL has the backing and the brand clout to weather this storm, it is unlikely that smaller-scale manufacturing firms would be able to undergo weeks of downtime with the possibility of recovery remaining intact.

Agri-Food Downtime

Businesses involved in agriculture and food production join their counterparts in retail and manufacturing as they struggle with the rising tide of cybercrime. In fact, one report suggests that the agri-food sector has experienced a 101% increase in such incidents over the past year, which is significantly higher than the 38% average across all industries.

Researchers argue that although it is usually the multimillion-dollar breaches that make headlines, more attention needs to be focused on the plight of smaller businesses that suffer from the same issues, albeit on a smaller scale.

Again, ransomware remains the primary concern in this sector. When IT assets are compromised, regional farmers and food producers could end up paying around $5,000 to regain access to mission-critical data. The downtime they experience during an infection also creates costs and complications that need to be recovered from.

Last Lessons from Downtime Incidents

The lessons exemplified by the most significant outages of last year are the same ones demonstrated in the wake of downtime incidents that have occurred over the course of more than a decade. Cyber threats are the biggest stumbling block for modern businesses, regardless of the industry in which they operate. Failure to protect systems and devices from these threats results in steep recovery costs, often amounting to millions of dollars for even midsize organizations.

Taking proper precautions and planning to preserve business continuity when attacks inevitably occur is a necessity for companies across the board. Some will have to learn the hard way, and these mistakes are undoubtedly helpful for others to absorb and avoid.

This story was produced by Digi Infrastructure Management and reviewed and distributed by Stacker.


Trending Now