Universities and NHS trusts have repeatedly been targeted by ransomware attacks in 2015 and 2016.
Cyber security firms obtained the information using UK Freedom of Information requests and found none of the universities paid the ransoms.
Only one reported the attack to the police.
According to SentinelOne, the largest ransom demanded was five bitcoins – equivalent to £2,200.
Fifty-eight of 71 universities responded to the information request, with 23 claiming it was the victim of a ransomware attack in the last 12 months.
Bournemouth University said it had been hit 21 times this year, despite having a cybersecurity centre on campus.
A representative from that university said: “It is not uncommon for universities to be the target of cybersecurity attacks.
“There are security processes in place at Bournemouth University to deal with these types of incident.”
The spokesperson also said that the ransomware attack had made “no impact” on the university’s operations.
Twenty-eight NHS trusts claim to have been affected by attacks in the same period.
Ransomware is a form of malware that encrypts computer files and then demands ransom – usually payable in Bitcoin currency – for their release.
Most commonly, ransomware travels via email or hides in downloads and programs from sources that have been corrupted.
Software security specialists Kaspersky Lab reported a 17.7 per cent rise in worldwide ransomware attacks in the 12 months leading up to March 2016, a total of 2.32 million upon an estimated 58 per cent of corporate PCs worldwide.
It has also emerged that the cyber gangs are employing customer services teams and are willing to negotiate on price and deadline.
There could soon be more malicious attacks coming – but cyber security firms have teamed up with Dutch police and Europol to launch a website dedicated to fighting the surge.