Every year, TechCrunch takes a hard look back at the cybersecurity disasters of the past 12 months, from massive data breaches to hacks that caused weeks of disruption, to see what lessons can be learned. But 2025 was on another level. The hacks weren’t just big; they were unprecedented. Here’s a rundown of the year’s most shocking security incidents:
2025’s Cybersecurity Nightmare: Hacks, Heists, and Global Chaos
The U.S. government was one of the biggest targets this year. Chinese hackers kicked off the year by breaching the Treasury, followed by attacks on multiple federal agencies, including the one responsible for safeguarding the nation’s nuclear arsenal, all thanks to a SharePoint security flaw. Meanwhile, Russian hackers were quietly lifting sealed court records, setting off alarm bells across the federal judiciary.
The biggest shock came from DOGE, the Department of Government Efficiency, led by Elon Musk under the Trump administration. Musk and his team bypassed federal protocols and ransacked citizen data, creating what is now considered the largest theft of U.S. government data in history. Legal experts warn that DOGE staffers could face personal liability under U.S. hacking laws, leaving employees nervous after Musk’s dramatic exit.
Corporate Giants Held for Ransom
In September, the Clop ransomware gang struck dozens of major corporations whose Oracle E-Business servers were compromised. Exploiting a zero-day vulnerability, Clop stole sensitive employee and executive data across industries, from universities and hospitals to media organizations. Oracle scrambled to patch the flaw, but by then, the hackers had already made off with huge amounts of data.
Salesforce Hit With a Billion-Record Breach
Salesforce customers weren’t spared either. Hackers breached downstream companies like Salesloft and Gainsight, siphoning off a billion records stored in Salesforce’s cloud. This attack affected top tech giants, including Cloudflare, Google, LinkedIn, and Verizon. The hacker collective, Scattered Lapsus$ Hunters, a mix of members from different groups, leaked the stolen data online, demanding ransoms from victims.
U.K. Retail and Industry in Turmoil
Hackers targeted the U.K. retail sector, stealing millions of customer records from Marks & Spencer and the Co-op, while luxury stores like Harrods were also compromised. But the most devastating blow hit Jaguar Land Rover. A cyberattack stalled production for months, impacting suppliers across the country and forcing the U.K. government to provide a £1.5 billion bailout. Experts called it the most economically damaging cyberattack in U.K. history, proving disruption can sometimes be more profitable than stolen data.
South Korea Faces Relentless Breaches
South Korea saw a record number of breaches in 2025, with the personal data of millions exposed due to lapses in security at major tech and phone companies. SK Telecom was hacked, revealing 23 million customer records. North Korean actors were linked to multiple attacks, and a massive data center fire wiped out years of government data. Coupang, the country’s largest retailer, suffered a months-long theft of 33 million customer records, culminating in the resignation of its CEO.
2025 showed the world that no organization, from governments to tech giants, is safe from cybercrime. Hackers didn’t just steal data; they disrupted economies, toppled CEOs, and rewrote the rules of digital security.
