Top 5 Cyber-Attacks of 2025

The year 2025 has been nothing short of devastating in the world of cybersecurity. Large enterprises and globally recognised brands faced an unprecedented wave of attacks, proving that no organisation is too big to be safe from threat actors.

At Infosecurity, we’ve tracked these developments closely throughout 2025, and several key trends have emerged.

Ransomware continued to dominate headlines, driven by organised criminal groups. What surprised many, however, was the rise of loosely connected collectives, often made up of teenagers, who managed to breach systems using clever but not always sophisticated tactics.

Alongside this, supply chain attacks surged. Adversaries ranging from low-skilled cybercriminals to highly resourced nation-state actors exploited critical vulnerabilities in widely used corporate tools and popular open-source packages. These attacks had a ripple effect, impacting thousands of organisations worldwide.

To help make sense of it all, we’ve compiled Infosecurity’s top five cyber-attacks of 2025. Our ranking considers factors such as the scale of data loss, the cost of recovery, the real-world operational impacts and wider implications.

In October 2025, Oracle warned customers of active exploitation of its E-Business Suite (EBS) after Google’s Threat Intelligence Group revealed hackers were sending extortion emails claiming stolen data.

The campaign was linked to Clop, a Russian-speaking ransomware gang, and involved a zero-day vulnerability, CVE-2025-61882.

Oracle issued an emergency patch on October 5, following earlier fixes in its July update. Victims reportedly include GlobalLogic and Barts Health NHS Trust.

At the end of September 2025, Japanese brewing giant Asahi suspended operations in Japan after a ransomware attack caused a major system failure.

The Qilin group later claimed responsibility, listing Asahi on its leak site and alleging theft of 27 GB of data.

The breach exposed personal information of around 1.914 million individuals, including 1.525 million customers. Recovery efforts are expected to continue until February 2026, after which CEO Atsushi Katsuki plans to establish a new dedicated cybersecurity unit as part of the company’s reconstruction phase.

In September 2025, Jaguar Land Rover suffered a major cyber-attack that halted production and disrupted sales during one of the busiest periods for UK car registrations. The Scattered Lapsus$ Hunters group claimed responsibility, attempting to extort the automaker.

Although operations resumed in October, JLR reported a 24% revenue drop for the quarter. The Cyber Monitoring Centre estimated the incident cost the UK economy £1.9bn and impacted over 5000 organizations, labelling it a “systemic cyber event.”

Starting April 2025, a series of cyber-attacks disrupted major UK retailers. Marks & Spencer (M&S) was among the first victims, suffering service outages and later confirming customer data theft, with losses estimated at £300m.Soon after, the Co-op reported a similar breach costing £206m in revenue loss.

Both incidents, along with an attack on Harrods, were linked to Scattered Spider. UK police arrested four suspects in July, three of them teenagers. 

In February 2025, Dubai-based exchange Bybit suffered the biggest crypto theft ever, losing an estimated $1.447bn (£1.077bn) in Ethereum. The FBI linked the breach to North Korea’s Lazarus Group. Bybit offered a 10% bounty for recovered funds, but the attack sparked a surge in crypto-related crime. BforeAI detected nearly 600 phishing domains in April, while CertiK reported $1.67bn (£1.24bn) stolen in Q1 alone, a 303% jump from the previous quarter. By mid-year, losses hit $2.47bn (£1.84bn), surpassing all of 2024.

The events of 2025 show how cyber threats are evolving faster than ever, and no organization is immune. From ransomware gangs and teenage hacker collectives to nation-state actors exploiting supply chains, the tactics may vary, but the impact is universal, financial losses, operational chaos and reputational damage.

As we reflect on the most significant attacks of 2025, one thing is clear, cybersecurity is not just an IT issue, it’s a business-critical priority that demands vigilance, resilience and a proactive approach to defense.

Looking ahead to 2026, we can expect attackers to double down on exploiting emerging technologies, AI-driven threats and increasingly complex supply chains, making collaboration and innovation in cybersecurity more essential than ever.

ADVERTISEMENT

Enjoyed this article? Make sure to share it!

Looking for something else?