Biggest cyberattacks of 2025 (so far)

The world of technology is incredible, and our modern life depends on it so much that we don’t want to consider how fragile it is.

“Either you know you’ve been hacked, or you’ve been hacked and you don’t know you’ve been hacked.” That is what retired U.S. Army General Keith Alexander said while serving as head of U.S. Cyber Command and the Central Security Service, according to the Atlantic Council.

The statement alludes to the fact that in the majority of cyberattacks, victims don’t have a clue what happened until an external party notifies them. According to Zscaler, this oblivious majority was 80% in 2016.

The situation has improved over the years. According to IBM’s Cost of a Data Breach Report, the share was around 67% in 2023, dropped to 58% in 2024, and stands at 50% in the report for 2025.

IBM’s report shows that the global average cost of a data breach dropped to $4.44 million from $4.88 million in 2024. In the United States alone, however, the average cost surged by 9% to $10.22 million, a record high for any region.

The SentinelOne Key Cyber Security Statistics report for 2025 reveals that security teams take an average of 277 days to identify and contain a data breach. Hacks involving lost or stolen credentials take even longer, at 328 days.

Microsoft’s relationship with China may have contributed to the biggest hacks this year.

The biggest cyberattacks, according to the numbers

Measuring the impact of any cybersecurity incident is difficult. Companies take months to recover from the breach after it has been contained, and some never recover.

If customer or employee data is stolen in a breach, it can be used for identity theft or fraud, but it is difficult to tell whether and to what extent cybercriminals have used it.

Highest number of individuals affected by cyberattack

The most significant data breach reported in 2025, in terms of total people impacted, was the PowerSchool data breach. This incident affected more than 60 million students and 10 million teachers.

A hacker threatened to leak personal information, including phone numbers, Social Security numbers, residential addresses, and passwords, among other data, if PowerSchool did not send 30 bitcoin (approximately $2.85 million at the time) to a specific bitcoin address.

The individual was caught and pleaded guilty during his trial, but according to the court documents, he had an unnamed co-conspirator.

PowerSchool provided credit monitoring and identity protection services for two years to students and faculty of its PowerSchool SIS customers, regardless of whether they were individually involved.

Largest amount of money stolen in cyberattack

In February, the Bybit cryptocurrency exchange was hacked, and hackers stole $1.5 billion worth of cryptocurrency. This hack is the largest such heist in history.

Although looking at hacks through a numbers lens might be interesting, really dangerous hacks may have nothing to do with numbers.

Chinese hackers setting sights on high-value targets

Many recent cyberattacks have been committed by hacking groups suspected of being Chinese state-sponsored. It is important to note that China’s officials always deny involvement and say the U.S. has failed to prove China is behind the incidents.

On July 15, NBC News reported that a Chinese hacking group known as Salt Typhoon breached a U.S. state’s Army National Guard network, according to a Department of Homeland Security memo.

The unnamed state Army National Guard’s network was compromised from March to December 2024, and attackers collected information that could be used to breach National Guard and government networks in other states.

Suspected Chinese hackers also gained access to the email accounts of attorneys and advisers at a Washington, D.C., law firm, Wiley Rein, in an apparent intelligence-gathering operation, reported CNN on July 11.

Wiley Rein helps U.S. companies and the government navigate the trade war with China, and this isn’t the first time it has been hacked.

Microsoft’s China problems

SharePoint is a widely used document sharing and collaboration platform. Several vulnerabilities (bugs) that can be chained together to form a very dangerous attack have been found in the software. 

Microsoft (MSFT) prepared patches, but attacks started a day before the patches were released, making it impossible for anyone using the SharePoint on-premises version to apply them before the attacks began.

Using the vulnerability, hackers breached U.S. government systems, including those belonging to the Education Department, Florida’s Department of Revenue, the Rhode Island General Assembly, and the National Nuclear Security Administration, reported Bloomberg.

No sensitive or classified information is known to have been compromised in the attack on NNSA.

“Microsoft confirmed [July 22] that several Chinese-linked hacking groups, including names like ‘Linen Typhoon,’ ‘Violet Typhoon,’ and ‘Storm-2603,’ have been exploiting SharePoint’s flaws,” writes Moz Farooque for TheStreet.

The company is investigating the possibility that one of its Chinese partners in the Microsoft Active Protections Program leaked vulnerabilities to hackers.

Microsoft’s problems in China don’t end there. In July, a ProPublica investigation uncovered that Microsoft is using engineers in China to help maintain the Defense Department’s computer systems with minimal supervision by U.S. personnel. Three days after the story broke, Microsoft announced that it stopped this practice.

Saint Paul, Minn., under cyber siege

The cyberattack on the city of Saint Paul was detected on July 25. In response, the city shut down its information systems to contain the threat. This caused WiFi outages across city buildings and other network-related issues.

The city engaged two national firms with cybersecurity expertise and the FBI to trace the source and scope of the breach.

However, the attack was executed with such surgical precision that Minnesota had to call in the National Guard, reported Reuters.

The National Guard was probably needed for manpower to help rebuild the infrastructure, and also because, until systems are back online, tasks have to be done with low-tech tools like pen and paper.