2025 is Rebecca Love - Bewitched Housewives (2007)now halfway through, and we have a pretty good idea of what the biggest tech trends will be. AI, cryptocurrency, and AR/VR are just some of the fast-developing technologies that have defined the year so far.
However, there's one tech trend that has continued to flourish year after year, unfortunately: Data breaches.
As more of our lives (and our data) shifts online, data breaches are getting bigger and affecting even more users. Plus, there are some concerning new cybersecurity trends, changing how leaked data spreads.
With half of 2025 left to go, Mashable takes a look at the biggest data breaches to be aware of in 2025 — so far.
Coinbase, the biggest cryptocurrency exchange in the U.S., announcedlast month that it had suffered a data breach that affectednearly 70,000 customers.
While customer usernames, passwords, and crypto wallets weren't affected, a slew of other sensitive data was. Hackers obtained customer names, addresses, phone numbers, email addresses, photos of government IDs (such as driver's licenses and passports), and the last four digits of social security numbers. The hackers were also able to access some user account data, such as balance snapshots and transaction history.
This leaked information could also allow bad actors to socially engineer users and trick them into believing they're talking to a Coinbase employee. Coinbase understood this latter point as well, as the company offered to reimburse any users who lost funds in this way.
The Coinbase data breach was a particularly brazen cybersecurity incident, as the hackers demanded tens of millions of dollars in ransom in exchange for not leaking the stolen data. (Instead of paying the ransom, Coinbase instead announced in a blog post it was "establishing a $20 million reward fund for information leading to the arrest and conviction of the criminals responsible for this attack.")
The Coinbase data breach should sound alarms for non-crypto users as well, once they understand exactly how the hackers gained access to the company's systems. Hackers bribed Coinbase-contracted overseas customer service agents to breach the company's systems and gain access to user information. This sort of intrusion can happen to any company.
Credit: amgun / iStock / Getty Images Plus The Coinbase breach was certainly unique; however, targeting third-party employees and systems has become a major throughpoint connecting some of the biggest hacks of 2025.
In February, for example, the popular food ordering service Grubhubannounced a data breach that affected both its customers and drivers. Hackers were able to gain access to a variety of different personal data, ranging from names, email addresses, and phone numbers to partial payment card data. The intrusion happened through a third-party service used by Grubhub's customer support team.
Similarly, some customers of the car rental service Hertzhad their data stolen as the result of a vulnerability found in Cleo, a third-party file-sharing service used by the company. Hackers were able to steal not only names, contacts, birth dates, credit cards, and driver's license information, but also even more sensitive data from car accident claims, including social security numbers, government IDs, and medical details.
Cases like these showed that even if you trust a company with your personal data, they're sharing the information with other third parties that you've never even heard of.
One of the worst data breaches ever occurred nearly three years ago,and its reverberations are still being felt in 2025.
Back in 2022, password manager LastPass suffered a massive breach when a cybercriminal stole login credentials for one of the four DevOps engineers who had access to the description keys for the company's cloud storage service. The still-anonymous hacker was able to infiltrate LastPass for months, completely undetected, even after LastPass thought it had dealt with the breach.
Now, in 2025, U.S. officials are investigating a number of cryptocurrency-related crimes that they believe the LastPass data breachmade possible, according to Bleeping Computer. That includes at least one $150 million heist.
The success of the LastPass data breach appears to have set a nefarious new trend into motion: Bad actors are now explicitly targetingpassword managers.
Cybersecurity firm Picus Security shared a new report earlier this year that found that cyberattacks on password managers have tripled compared to 2024. The company's researchers discovered that out of more than a million types of malware, 25 percent of them were specifically targeting password managers.
It appears that, in 2025, cybercriminals have discovered that breaking into a service like LastPass gives them not just a login credential to a single service but the keys to the entire kingdom.
It appears that even hackers need reminders, and that's exactly what this 2025 cybersecurity trend provides them.
This year has seen quite a few cases of older data leaks repackaged with updated or entirely new information and re-released, once again putting previously stolen data back on cybercriminals' radar.
For example, just earlier this month, a hacker leaked 86 million AT&T customer records, which included names, dates of birth, phone numbers, email addresses, physical addresses, and social security numbers. However, according to AT&T, their systems had not been compromised, at least not recently. The company told Mashable that an internal investigation revealed that the leak contained only previously leaked materials from last year's Snowflake hack. AT&T released a statement saying, "it is not uncommon for cybercriminals to re-package previously disclosed data for financial gain."
Credit: Photo by Smith Collection/Gado/Getty Images Mashable reported on one of the biggest data leaks, the RockYou2024leak, last year. Like the AT&T leak, the hacker behind this incident exposed nearly 10 billion credentials simply by compiling previous leaks together and updating them with the latest leaked info.
Similarly, just last month, cybersecurity researcher Jeremiah Fowler discovered a publicly available, unencrypted database including the sensitive login credentials for more than 184 million accountsfor a wide variety of platforms. Passwords for Google accounts, Facebook and Instagram accounts, and even Microsoft products were discovered in this database. One social media platform included in the database, Snapchat, said it had not uncovered any unauthorized access in its systems. This likely means that this database of leaked user information was likely compiled through multiple intrusions, directly at the user level, likely due to malware.
This concerning new cybersecurity trend shows that data stolen years ago can potentially come back to haunt you.
X, the platform formerly known as Twitter, has certainly changed since Elon Musk took over the platform. It's also faced new cybersecurity issues.
Earlier this year, a user on a prominent hacking forum claimed to have sensitive information, such as email addresses and other potentially revealing metadata, for hundreds of millions of X users. While no login credentials were leaked, the information shared was concerning because it could be used in other nefarious ways, such as being able to uncover an anonymous account. This might seem like much of a concern in the context of annoying trolls.
Credit: Nathan Stirk/Getty Images However, this metadata, which reportedly included account creation dates, locations, and current and former display names, could be potentially life-threateningfor political dissidents in countries with harsh punishments for dissent.
Mashable wasn't able to independently verify the veracity of the leak, but the cybersecurity investigators at Safety Detectives say they were able to verify some of the data.
Speaking of Elon Musk, his Department of Government Efficiency, or DOGE, has the potential to be one of the biggest cybersecurity issues of our time.
We know DOGE embedded itself in numerous government agencies, at times accessingsensitive data. We know DOGE installedStarlink terminals at the White House and bypassed the usual security protocols in doing so (per the New York Times). We know that Musk hired young techieswho idolize the billionaire in order to carry out DOGE's mission. (These individuals include then-25-year-old Marko Elez, who had previously published numerous racist posts, and 19-year-old Edward Coristine, also known as Big Balls.)
While Musk has been feuding with his now-former(?) ally, President Donald Trump, the public still doesn't know exactly what information DOGE had access to. More recently, the New York Times also reported that the Trump administration would like the secretive surveillance company Palantirto centralize data on American citizens into one centralized database. Per the Times, Palantir was chosen partly on Musk and DOGE's recommendation.
Topics Cybersecurity
Apple is actively looking at AI search for Safari
What Does a Fact Look Like?
The Talking Cure
The Exorcist’s Apprentice
Stablecoin bill advances in U.S. Senate as Trump critics call to end his crypto dealings
How 3D Game Rendering Works: Lighting and Shadows
Rage and Retribution
Runaway American Dreams
New MIT report reveals energy costs of AI tools like ChatGPT
Acquisition
Here's the real reason Mark Zuckerberg is so afraid of TikTok10 people afflicted by the failure of TrumpcarePete Souza joins chorus gloating over Trumpcare failure with epic Instagram10 people afflicted by the failure of TrumpcareIgnore this guy's dumbbell trick and check out the NBA star grandpa behind himThe Baby Yoda puppet cost $5 million, but its true value is pricelessPete Souza joins chorus gloating over Trumpcare failure with epic Instagram'Glitter booty' is the latest bizarre beauty trend you've secretly always wantedDog playing fetch on an ice rink is as enjoyable as you think it is'Uncanny Valley,' CES, and the end of tech exceptionalismSit back, relax and enjoy some Hillary ClintonThese are the coolest foldable devices confirmed for launch in 2020Instagram is reportedly removing posts supporting Soleimani'Star Wars: The Rise of Skywalker' is now a $1 billion movieCan you imagine ‘The Office’ without Creed? He was almost fired in Season 2.Star Wars script leak shows missed opportunity in 'Rise of Skywalker'Upgrade your WFH hustle with up to 60% off World Market furniture'Jeopardy' facing backlash after wading into IsraelReddit user created a mindPeople are sharing the weird little things that really annoy their mums Hey procrastinators, here's how to score a holiday flight deal Google to fight Apple Watch head The views from these coastal homes will take your breath away World's first 'Maori emoji app' embraces culture, country and cute animals Facebook's not alone: Twitter admits to overcharging advertisers The Pantsuit Nation backlash has spiraled out of control Starbucks will give away some free drinks for the rest of 2016 Toddler's adorable reaction to getting adopted has the internet in tears Kid's festive Christmas drawing accidentally ends up very, very NSFW New Orleans Santa Claus inspires the best Twitter thread of the holiday season The 5 most dramatic moments for Team Internet in 2016 8 weird things Indians did in 2016 to get into Guinness World Records Discover your true Hogwarts house with a magical 'Harry Potter' bath bomb Animal shelter celebrates their empty kennels with a joyous video How to use your extra Amazon boxes to give back this holiday season 'That Dragon, Cancer' team makes a VR mystery game for Daydream Sons save for years and surprise mother with her dream car Double parker receives shoppers' wrath in the form of shopping carts 5 Facebook Live streams that defined the news in 2016 No mercy: Facebook page held hostage in payment dispute
2.8455s , 10180.7734375 kb
Copyright © 2025 Powered by 【Rebecca Love - Bewitched Housewives (2007)】,Pursuit Information Network
