From Breweries to Crypto Banks: The Biggest Cyberattacks of 2025

Manama: If there was ever any doubt that cyber-attacks are no longer isolated IT incidents, 2025 put that uncertainty to rest. Over the past year, cybercriminals, hacktivist collectives and nation-state groups demonstrated just how fragile global digital infrastructure has become. From multinational corporations and critical public services to airlines, retailers and schools, no sector was left untouched.
Here are the top 10 cyber attacks of 2025:

Oracle’s Emergency Patch for a “Zero-Day” Nightmare
The Clop ransomware gang found a secret flaw in Oracle's business software that no one knew about. They used it to steal sensitive corporate data and then directly threatened company executives, forcing Oracle to scramble and issue an emergency patch. It was a huge wake-up call about the hidden dangers in essential business tools.

Microsoft SharePoint Servers Fell Like Dominoes
Attackers linked several critical vulnerabilities in SharePoint, compromising hundreds of company servers around the world. Governments and hospitals were hit especially hard, and investigators found evidence that multiple hacking groups tied to China were among the first to exploit the weakness.

A Ransomware Hangover for Brewing Giant Asahi
A ransomware attack forced Japanese brewer Asahi to shut down operations, exposing personal data for nearly two million people. The disruption was so severe that the company doesn’t expect to fully recover until 2026.

Jaguar Land Rover’s Record-Breaking £1.9bn Setback
A major cyber-attack brought production and sales to a standstill across Jaguar Land Rover’s UK operations. The estimated economic damage reached a staggering £1.9 billion, making it the most expensive cyber incident in UK history.

The Hidden Risk in Your Salesforce Account
Hackers didn’t break into Salesforce directly. Instead, they targeted the network of connected third-party apps, stealing digital keys (OAuth tokens) to quietly pull data from customer accounts. The victims included major tech firms and luxury brands, showing how risky interconnected software ecosystems can be.

A Coordinated Wave Grounded Airline Customer Service
A series of synchronized attacks targeted airline call centers and booking platforms. At Qantas alone, up to 5.7 million customer records were exposed. The FBI publicly linked the attacks to a group called Scattered Spider, warning the industry to be on high alert.

The Coinbase Breach Fuelled from the Inside
In this clever scheme, cybercriminals bribed customer support agents overseas to steal user data. That information was then used to run convincing phishing scams. The breach cost Coinbase an estimated $400 million and led them to offer a $20 million reward to help catch the culprits.

UK Retail Giants Hit by a Spring Hacking Spree
Major names like M&S, Co-op, and Harrods faced widespread disruptions and massive financial losses during a spring hacking wave. Surprisingly, several attacks were linked to teenage hackers, proving that you don’t always need sophisticated tools to cause serious damage.

The $1.47bn Crypto Heist Linked to North Korea
Hackers stole a jaw-dropping $1.47 billion in Ethereum from the Bybit exchange—the largest cryptocurrency theft ever recorded. The FBI attributed the attack to North Korea’s Lazarus Group, and the heist contributed to a sharp global rise in crypto-related crime.

A School Software Provider Paid a Ransom to Protect Student Data
PowerSchool, a major provider of school administration software, paid a ransom to prevent the release of sensitive student and teacher data. Months later, a 19-year-old pleaded guilty to being involved, putting a young face on the human cost of these crimes.

From global corporations to local schools, 2025 proved that cyber-attacks are now a systemic threat. Strong defences aren't optional anymore.