Top Data Breaches of 2025 So Far

Cyberattacks are on the rise, and 2025 has already seen major data breaches affecting millions. As cybercriminals continue to exploit vulnerabilities, organizations across industries are struggling to keep their data safe. Here’s a look at some of the most significant incidents so far.

Major Data Breaches in 2025

January 2025 Breaches

1. PowerSchool

Industry: Education Software

• What happened? Hackers accessed the customer support portal using stolen credentials, exploiting weak authentication controls.

• Impact: Data of 45 million students and parents leaked, including Social Security numbers and health records. This breach has raised serious concerns about student privacy and identity theft risks.

  
  

2. Cariad

Industry: Volkswagen Group Software

• What happened? A whistleblower found exposed cloud storage containing customer data due to misconfigured security settings.

• Impact: 800,000 internet-connected vehicles across Volkswagen, Audi, Skoda, and Seat brands were affected. The leaked data could potentially be used for malicious tracking and unauthorized access to vehicles.

  
  

3. New York Blood Center

Industry: Healthcare

• What happened? A ransomware attack disrupted blood donation services, preventing hospitals from receiving critical blood supplies.

• Impact: Patient and donor data was possibly exposed during an ongoing blood emergency. The breach has intensified concerns about the security of healthcare institutions and their vulnerability to cyberattacks.

4. Frederick Health

Industry: Healthcare

• What happened? A ransomware attack shut down hospital IT systems, severely impacting operations.

• Impact: Emergency services were delayed, causing a patient care crisis. This incident highlights the dangers of cyberattacks in healthcare and the potential risk to human lives.

5. ICICI Bank

Industry: Banking

• What happened? The hacking group BASHE claimed to have stolen sensitive customer banking data from an unsecured system.

• Impact: Potential exposure of credit card numbers, phone numbers, and addresses. If confirmed, this breach could lead to widespread financial fraud and identity theft.

6. Community Health Center

Industry: Healthcare

• What happened? Unauthorized access led to one of the largest healthcare breaches this year, exposing critical patient data.

• Impact: Over 1 million patient records were stolen, including Social Security numbers and contact details. The breach raises alarms over the need for stronger data encryption and access controls in healthcare.

7. Tata Technologies

Industry: IT Services

• What happened? A ransomware attack resulted in the theft of 1.4 TB of sensitive company data, causing operational disruptions.

• Impact: Temporary service outages were reported, with potential risks of intellectual property theft. The breach highlights the ongoing threats facing technology firms handling proprietary data.

February 2025 Breaches

1. Raymond

Industry: Textile

• What happened? A cyberattack targeted IT infrastructure, disrupting key operations across the organization.

• Impact: Investigations are ongoing, with possible business disruptions and financial losses. The incident underscores the growing cybersecurity threats in the manufacturing sector.

2. Cocospy & Spyic

Industry: Surveillance Apps

• What happened? Hackers exploited security flaws in mobile tracking applications, exposing user information.

• Impact: 1.8 million Cocospy and 876,000 Spyic user emails leaked, along with call logs and messages. This breach has sparked debates over the ethics and security of surveillance applications.

3. Anne Arundel County

Industry: Public Sector

• What happened? A ransomware attack hit local government services, crippling operations.

• Impact: Critical systems, including emergency dispatch, were affected. The FBI and CISA are investigating the attack, highlighting the increasing targeting of public sector infrastructure by cybercriminals.

4. Genea

Industry: IVF & Healthcare

• What happened? The Termite ransomware group stole sensitive medical data from fertility clinics, compromising patient privacy.

• Impact: 940 GB of patient records were leaked, including data from the BabySentry management system. The breach has raised serious concerns about data protection in the fertility and healthcare sectors.

Takeaways

These breaches highlight rising cyber threats across industries. Cyberforte, a leading cybersecurity company in Melbourne, helps businesses strengthen defenses with security assessments, multi-factor authentication, encryption, and incident response planning. Stay protected with expert cybersecurity solutions.