Hacks, thefts and disruption: The worst data breaches of 2025

As 2025 draws to a close, it's time to reflect on a year marked by unprecedented cybersecurity incidents that left organizations reeling and exposed. TechCrunch takes a closer look at some of the most significant data breaches that unfolded over the past year, revealing a landscape fraught with threats and vulnerabilities. The U.S. government emerged as a prime target for cybercriminals this year, beginning with a shocking cyberattack on the U.S. Treasury by Chinese hackers. This was quickly followed by breaches affecting multiple federal agencies, including one responsible for the security of the nation’s nuclear arsenal, all due to a vulnerability in SharePoint. Meanwhile, Russian hackers infiltrated the U.S. Courts' filing system, raising alarms throughout the federal judiciary. However, nothing could match the scale of the breach perpetrated by the Department of Government Efficiency (DOGE), led by Elon Musk. This controversial initiative flouted numerous federal security protocols, resulting in the largest data raid in U.S. history. Staffers faced potential legal repercussions under U.S. hacking laws, especially after Musk’s public fallout with President Trump left them vulnerable. In a separate incident, the notorious ransomware group Clop sent shockwaves through American corporate giants in late September. Executives received threatening emails containing their personal information and ransom demands in the millions. Clop had exploited a significant vulnerability in Oracle’s E-Business software, compromising sensitive employee data across numerous organizations including universities and hospitals. Salesforce customers also faced turbulence as hackers breached two of its partner companies, Salesloft and Gainsight, leading to the theft of a staggering billion customer records stored on Salesforce’s cloud. This breach impacted many prominent tech companies, including Google and LinkedIn. The hacking collective known as Scattered Lapsus$ Hunters emerged, advertising stolen records on a data leak site, indicating that new victims were continually being targeted. The U.K. retail sector bore the brunt of cyberattacks this year, with major breaches at Marks & Spencer and the Co-op, leading to significant disruptions and empty grocery shelves. A subsequent attack on Jaguar Land Rover resulted in a halt of production, prompting a £1.5 billion government bailout to support affected employees and suppliers. South Korea faced its own data crisis, experiencing a significant breach each month. SK Telecom fell victim to a hack, exposing 23 million records, while a devastating fire at a data center erased critical government information. The most alarming theft involved Coupang, where 33 million customers' personal data was compromised over several months, ultimately leading to the resignation of the company's CEO. These incidents highlight a troubling trend in cybersecurity, where disruption increasingly becomes the goal for financially motivated hackers, overshadowing the traditional focus on stealing data.