Every year, TechCrunch looks back at the cybersecurity horrorshows of the past 12 months — from the biggest data breaches to hacks resulting in weeks of disruption — to see what we can learn. This year, the data breaches were like nothing we’ve seen before.
Here’s our look back at some of the biggest security incidents of 2025, starting with:
The U.S. government remained one of the biggest targets in cyberspace. The year started with a brazen cyberattack by Chinese hackers on the U.S. Treasury, followed by the breaching of several federal agencies, including the agency tasked with safeguarding U.S. nuclear weapons, thanks to a SharePoint security flaw.
All the while, Russian hackers were stealing sealed records from the U.S. Courts’ filing system, sending alarm bells ringing across the federal judiciary.
But nothing quite compared to DOGE ripping through federal government departments and databases in what became the biggest raid of U.S. government data in its history.
WASHINGTON, DC – MAY 30: Tesla CEO Elon Musk, with a visible black eye, listens as U.S. President Donald Trump speaks to reporters in the Oval Office of the White House on May 30, 2025 in Washington, DC. Image Credits: Kevin Dietsch / Getty Images
The Trump administration’s Department of Government Efficiency, or DOGE as it was widely known, led by Elon Musk and his band of private sector lackeys, violated federal protocols and defied common security practices. They ransacked federal databases of citizens’ data, despite warnings of the national security risks and conflicts of interest over Musk’s overseas business dealings. Legal experts say that DOGE staffers are “personally liable” under U.S. hacking laws, though a court would also have to agree.
Musk’s subsequent, very public falling out with President Trump saw the billionaire leave DOGE, and left staffers fearing that they could face federal charges without his protection.
In late September, senior executives at American corporate giants began receiving threatening emails from a prolific ransomware and extortion group called Clop. The emails included an attached copy of their personal information — and a ransom demand for several million dollars not to publish it.
Months earlier, the Clop gang had quietly exploited a never-before-seen vulnerability in Oracle’s E-Business software, a suite of applications used for hosting a company’s core business information, such as financial and human resources records, supply chain data, and customer databases. The vulnerability allowed Clop to steal reams of sensitive employee data, including data belonging to executives, from dozens of organizations that rely on Oracle’s software.