Biggest Data
Breaches of 2025
In many ways, 2025 became the “Year of the Third-Party Exploit.” Instead of breaking directly into company networks, attackers increasingly compromised trusted software vendors, cloud platforms, and service providers. When those systems failed, the ripple effects exposed data belonging to millions of users across multiple organizations at once.
At the same time, cybercrime evolved beyond simple password theft. Many recent data breaches involved large-scale identity profiling, where attackers collected detailed personal records used for fraud, impersonation, and long-term surveillance. The biggest data breaches of 2025 reveal a troubling pattern: these incidents were not isolated hacks but signs of deeper weaknesses in how companies protect consumer data.
Top 5 Data Breaches of 2025 Based on Records Compromised
“The Mother of All Dumps”: 16 Billion Passwords
In June 2025, cybersecurity researchers uncovered what many called the “mother of all dumps,” a massive credential leak affecting users connected to major platforms, including Google, Apple, and Meta. The dataset contained billions of login records gathered from exposed databases and infostealer malware logs that quietly harvested credentials from infected devices.
Unlike a traditional breach of a single company, this leak aggregated credentials linked to thousands of online services, making it one of the largest credential leaks and password data breaches ever discovered. Researchers warned that the records could enable large-scale phishing campaigns, credential stuffing attacks, and account takeovers across major consumer platforms.
Coupang: 34 Million Records
In December 2025, South Korean e-commerce giant Coupang disclosed a major data breach affecting roughly 34 million user records. Reports indicated the breach exposed sensitive personally identifiable information, including names, contact details, and other account data tied to customer profiles.
The breach involved unauthorized access to internal systems, raising concerns about how much personal data large online retailers store about their users. Because platforms like Coupang store shopping histories, addresses, and delivery information, the exposed records could enable fraud or targeted phishing attacks.
SK Telecom 27 Million Users
In April 2025, South Korea’s largest mobile carrier, SK Telecom, disclosed a major cybersecurity incident after malware infiltrated internal systems and compromised data tied to USIM authentication records.
The breach affected roughly 27 million users, exposing them to SIM swapping attacks, identity fraud, and unauthorized access to mobile services. South Korean regulators later investigated the incident and imposed a 9.7 million dollar fine on SK Telecom, citing failures in security controls and oversight.
Bybit Crypto Exchange: $1.5 Billion Theft
In February 2025, cryptocurrency exchange Bybit was targeted in what security analysts described as the largest crypto theft in history. Attackers linked to North Korea’s Lazarus Group exploited vulnerabilities tied to the exchange’s wallet infrastructure and moved roughly 1.5 billion dollars in digital assets.
The incident highlighted how sophisticated state-backed hacking groups increasingly target cryptocurrency platforms, which often hold enormous reserves of digital assets in centralized systems. Security experts say attacks like this allow groups such as Lazarus to generate significant revenue while evading international financial sanctions.
700Credit: 5.8 Million Individuals
In December 2025, credit reporting service 700Credit disclosed a data breach that exposed personal information belonging to roughly 5.8 million individuals. Investigators traced the breach to a vulnerability in an application programming interface (API) that allowed unauthorized access to consumer records used in automotive financing and credit checks.
The exposed data included highly sensitive identifiers such as Social Security numbers and driver’s license numbers, along with other personal details tied to credit applications. Because this information is often used to verify identity in financial transactions, security experts warned that the breach could create long-term risks for identity theft and financial fraud.
The “Salesforce Ripple Effect”
During the summer of 2025, investigators uncovered a wave of technology and software data breaches tied to compromised OAuth tokens connected to Salesforce integrations. Rather than breaking into company networks, attackers used stolen authentication tokens to access systems that trusted Salesforce-connected apps, thereby bypassing traditional login security.
The campaign soon spread across multiple industries. Among the most prominent victims were Qantas, which reported about 6 million records exposed, and TransUnion, where the breach affected roughly 4.4 million people. Luxury retail brands such as Chanel and Pandora were also impacted through connected systems.
Security researchers described the incident as a classic supply chain attack. Because the intrusion originated through a trusted third-party platform, dozens of companies were affected by a single vulnerability. When shared software ecosystems fail, the resulting breaches can expose millions of consumers at once, creating particularly strong foundations for class action litigation related to data security failures.
Critical Infrastructure and Healthcare Hits
Several major breaches in 2025 showed how cyberattacks can disrupt essential industries and expose highly sensitive personal data at scale.
Jaguar Land Rover (JLR)
In September 2025, a ransomware attack forced Jaguar Land Rover to halt production across several UK facilities. The disruption reportedly cost the company an estimated $2.4 billion, demonstrating how cyber incidents targeting industrial systems can quickly ripple through manufacturing and global supply chains.
University of Phoenix and the University of Pennsylvania
Later in 2025, attackers linked to the Clop ransomware group exploited vulnerabilities tied to Oracle E-Business Suite systems used by universities. The attacks exposed records of millions of students and staff, adding higher education to the growing list of sectors affected by supply-chain-style breaches.
North East Medical Services (NEMS)
A breach disclosed in October 2025 exposed sensitive health care data belonging to thousands of patients, reinforcing a persistent trend. Health care providers remain frequent targets, and health care data breaches continue to expose large volumes of valuable personal and medical information.
Status of 2025 Data Breach Settlements
Several major data breach settlements and lawsuits tied to incidents in 2025 are already moving through the courts, with some settlements beginning to take shape in early 2026. One example is the Nova Recovery settlement, which received preliminary approval in January 2026 following a breach reported in May 2025. The case stems from allegations that sensitive consumer information was exposed through Nova Recovery Center’s systems, potentially putting patients’ personal and health-related data at risk. The settlement is expected to move toward final approval and potential payments later in the year.
Another high-profile case involves the Cash App $15 million settlement, which has reached final approval. Payments for eligible claimants are being distributed in early 2026, illustrating how compensation often arrives months after a breach first becomes public. This timeline reflects the complexity of proving damages and negotiating class action resolutions. Settlement payouts vary widely, but the average settlement of data breach lawsuits often depends on the sensitivity of the exposed data and the number of people affected.
How to Take Legal Action if You Were Notified
If you received a Notice of Data Breach letter in 2025, the first step is to preserve that document. The notice typically has details about what information was exposed and when the incident occurred. You should also monitor your credit reports and financial accounts for suspicious activity, since identity theft and fraud often appear months after a breach is disclosed.
Many companies offer free credit monitoring after a breach. While these tools can help detect suspicious activity, they do not compensate victims for the potential misuse of their personal information or the risks created by the breach.
In many cases, affected consumers may be eligible to sue a company for a data breach and pursue financial compensation through a class action lawsuit. Law firms often investigate large-scale breaches and consolidate claims from thousands or even millions of victims, allowing individuals to hold companies accountable for failing to properly safeguard personal data.
Making Corporations Pay for Poor Security
Many of the biggest data breaches of 2025 were not caused by sophisticated new hacking techniques but by preventable failures such as delayed security patches, misconfigured systems, and weak oversight of third-party vendors. When organizations rely on complex software ecosystems but fail to properly monitor those systems, a single vulnerability can expose millions of consumers at once.
Holding companies accountable through lawsuits and state data privacy laws plays an important role in improving cybersecurity practices. When corporations face legal and financial consequences for failing to safeguard personal data, it creates stronger incentives to invest in better security controls, vendor management, and ongoing risk monitoring. For consumers affected by these breaches, legal action can help push organizations to treat data protection as a core responsibility rather than an afterthought.