Hacks, thefts and disruption: The worst data breaches of 2025

Every year, TechCrunch looks backmost astatine the cybersecurity horrorshows of the past 12 months — from the biggest information breaches to hacks resulting successful weeks of disruption — to spot what we tin learn. This year, the information breaches were similar thing we’ve seen before. 

Here’s our look backmost astatine immoderate of the biggest information incidents of 2025, starting with:

The U.S. national authorities was breached, respective times over

The U.S. authorities remained 1 of the biggest targets successful cyberspace. The twelvemonth started with a brazen cyberattack by Chinese hackers connected the U.S. Treasury, followed by the breaching of respective national agencies, including the agency tasked with safeguarding U.S. atomic weapons, acknowledgment to a SharePoint information flaw.

All the while, the Russian hackers were stealing sealed records from the U.S. Courts’ filing system, sending alarm bells ringing crossed the national judiciary.

But thing rather came arsenic adjacent arsenic DOGE ripping done national authorities departments and databases successful what became the biggest raid of U.S. authorities information successful its history.

WASHINGTON, DC – MAY 30: Tesla CEO Elon Musk, with a disposable achromatic eye, listens arsenic U.S. President Donald Trump speaks to reporters successful the Oval Office of the White House connected May 30, 2025 successful Washington, DC.Image Credits:Kevin Dietsch / Getty Images

The Trump administration’s Department of Government Efficiency, oregon DOGE arsenic it was wide known, led by Elon Musk and his set of backstage assemblage lackeys, violated national protocols and defied communal information practices. They ransacked national databases of citizens’ data, contempt warnings of the nationalist information risks and conflicts of interests implicit Musk’s overseas concern dealings. Legal experts accidental that DOGE staffers are “personally liable” nether U.S. hacking laws, though a tribunal would besides person to agree.

Musk’s subsequent, precise nationalist falling retired with President Trump saw the billionaire permission DOGE, and near staffers fearing that they could look national charges without his protection.

Hackers are extorting dozens of companies whose Oracle E-Business servers were breached

In precocious September, elder executives astatine American firm giants began receiving threatening emails from a prolific ransomware and extortion radical called Clop. The emails included an attached transcript of their idiosyncratic accusation — and a ransom request for respective cardinal dollars not to people it.

Months earlier, the Clop pack had softly exploited a never-before-seen vulnerability successful Oracle’s E-Business software, a suite of applications utilized for hosting a company’s halfway concern information, specified arsenic fiscal and quality resources records, proviso concatenation data, and lawsuit databases. The vulnerability allowed Clop to bargain reams of delicate worker data, including information belonging to executives, from dozens of organizations that trust connected Oracle’s software.

Oracle had nary thought until it was caught retired successful October arsenic it was scrambling to spot the vulnerability. It was excessively late, though: the hackers had already stolen gobs of information from universities, hospitals and wellness systems, media organizations, and more.

This was Clop’s astir caller mass-hacking campaign. The radical had antecedently exploited flaws successful endeavor file-transfer services, specified arsenic GoAnywhere, MOVEit, and Cleo Software, which tech giants usage to stock ample amounts of accusation implicit the internet.

Hacker corporate steals astatine slightest 1 cardinal records from Salesforce databases

Salesforce customers had a unsmooth twelvemonth aft 2 abstracted information breaches astatine downstream tech companies allowed hackers to bargain a cardinal records of lawsuit information stored successful Salesforce’s cloud. 

Hackers targeted astatine slightest 2 companies, Salesloft and Gainsight, some of which let their customers to grip and analyse the information that they store successful Salesforce. 

By breaching these companies directly, the hackers gained entree to each of the information done their lawsuit connections to Salesforce. Some of the largest tech giants had information stolen successful the breaches, including Bugcrowd, Cloudflare, Google, Proofpoint, Docusign, GitLab, Linkedin, SonicWall and Verizon.

A hacking corporate known arsenic Scattered Lapsus$ Hunters, made up of members from antithetic hacking groups, including ShinyHunters, published a data leak tract advertizing the stolen records successful speech for a ransom paid by the victims. New victims are inactive rolling in.

Hackers ransack the UK retail sector, and disrupt operations astatine Jaguar Land Rover, denting the economy

Hackers tore done the U.K. retail assemblage earlier this year, stealing information from Marks & Spencer and astatine slightest 6.5 cardinal lawsuit records from the Co-op. The back-to-back hacks sparked outages and disruption crossed the retailers’ networks, and immoderate market shelves went bare arsenic the systems utilized to enactment the retailers were knocked out. Luxury store Harrods was besides aboriginal hacked.

An aerial presumption of JLR signage astatine the Jaguar Land Rover conveyance manufacturing works successful Castle Bromwich connected September 30, 2025 successful Birmingham, United Kingdom, pursuing its hack and information breach.Image Credits:Christopher Furlong / Getty Images

But a large cyberattack targeting Jaguar Land Rover, 1 of the country’s biggest employers, near a dent successful the U.K. economy. A September hack and information breach saw JLR’s car works stall accumulation for months arsenic the institution worked to get its systems backmost up and running. 

The fallout affected JLR’s suppliers crossed the U.K., immoderate of whom went retired of concern altogether. The U.K. authorities ended up guaranteeing a bailout to the tune of £1.5 billion to guarantee Jaguar Land Rover employees and suppliers got paid during the shutdown.

U.K. information experts said the breach was the astir economically damaging cyberattack to deed the United Kingdom successful history, showing that disruption whitethorn beryllium much invaluable for financially motivated hackers than stolen data.

South Korea sees months of hacks and information breaches

South Korea experienced a large information breach each period this year, and the idiosyncratic information of millions of its citizens was compromised acknowledgment to information lapses and shoddy information practices astatine the country’s biggest tech and telephone providers.

The country’s largest telephone company, SK Telecom, was hacked and 23 cardinal lawsuit records were exposed; respective cyberattacks were attributed to its hostile North Korean neighbor; and a massive information halfway fire wiped retired years of Korean authorities information that wasn’t backed up.

But the cherry connected information breach barroom was the months-long theft of immoderate 33 cardinal customers’ idiosyncratic accusation from Coupang, the country’s retail elephantine that immoderate telephone Asia’s Amazon. The data theft began successful June, but wasn’t detected until November, and yet led to the company’s main executive resigning.