Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Looking back at 2025, two mega-trends from the past have continued: First, data breaches remained a constant and continued to trend upward; and second, there was once again a headline disaster no one anticipated. The first point needs no elaboration; data breaches are like air pollution—an accepted nuisance that only occasionally becomes so severe that we wonder why we live like this. For the second point, I gesture toward the major incidents of recent years. MoveIt. Crowdstrike. Snowflake.

LastPass prides itself on being a pioneer in cloud security technology, providing password and identity management solutions for personal and business digital safety. Its over 800 employees and over 20 million customers worldwide have made the company an attractive target for cybercriminals. The company has been in the headlines for several data incidents over the past few years.

700Credit is the major provider of credit reports, fraud detection, identity verification, soft pull credit data, and compliance solutions in powersports, marine dealerships, and automotive in the United States. Based in Michigan, it offers solutions for over 21,000 clients and has more than 250 integration partners, while also managing vital data security for millions of consumers.

700Credit, a US-based credit check and compliance provider, disclosed in late October that it had suffered a significant data breach affecting nearly 18,000 dealerships and more than 5.6 million consumers. According to the company’s disclosure and subsequent reporting, the exposed data includes names, addresses, dates of birth, and Social Security numbers.

Coupang, a company listed on the NYSE, is South Korea’s largest online retailer and is headquartered in Seattle. It serves millions of customers in over 190 countries, including the United States, offering retail, video streaming, restaurant delivery, and fintech services worldwide under various brands. With approximately $4 billion of U.S.

The next wave of supply-chain breaches go beyond exploiting software dependencies and weaponize the trust layer between organizations and their vendors/partners. Off-the-shelf toolkits, some of them state-sponsored, are lowering the barrier to entry for third-party compromises. As a result, regulators are hard-coding “continuous verification” into frameworks such as NIS2, DORA, and the EU Cyber Resilience Act.

In September 2022, Australia woke up to the largest data breach in its history. Optus, the country’s second-largest telecom disclosed that the personal information of nearly 10 million people had been exposed. To put that in perspective, that’s almost 40% of the entire population. Among the data spilled were 2.1 million government-issued IDs – passports, driver’s licenses, Medicare cards – the kind of information that isn’t just sensitive, but life-defining.

Harvard University is the oldest college in the American colonies and one of the most prestigious universities in the United States. It has over 400,000 alumni worldwide and about 20,665 faculty and staff across more than 20 locations globally. The university recently disclosed a data breach in its Alumni Affairs and Development system (AAD) that contained information about people and groups associated with the institution.

Spain's flag carrier Iberia Airlines disclosed a significant data security incident in November 2025 that should put all customers on high alert. The breach, which occurred through a compromised third-party supplier, has exposed personal information and created new risks for travelers who have flown with the airline.