May 2025 was a challenging month for cybersecurity. Large corporations such as Coinbase, Marks & Spencer, and Ascension Health experienced serious data breaches. These breaches had an impact on millions of individuals globally. In addition to this, the attacks demonstrated how vulnerable third-party security can endanger your business.
In this article, we'll dissect what occurred in May 2025. We'll also detail how these breaches occurred and how you can keep yourself safe. If you're concerned about your business being secure, learning about such incidents is the initial step towards remaining safe.
What Are Data Breaches and Why Do They Matter?
A data breach occurs when an individual gains unauthorized entry into a system. They pilfer sensitive data such as names, passwords, or credit card details. Furthermore, these attacks can be devastating to businesses. They lose revenue and customer trust and encounter legal issues.
The May 2025 breaches were particularly devastating. They struck healthcare, finance, and retail sectors severely. Consequently, millions of individuals now have their identities stolen. That's why information about such incidents is so crucial.
Major Data Breaches That Occurred in May 2025
Google & Apple Data Breach—184 Million Passwords Leaked
In May of 2025, security researcher Jeremiah Fowler discovered an enormous database waiting online. It was completely unsecured—having no password at all. The database held 184 million login details for top platforms.
Services Affected:
- Apple
- Microsoft
- Snapchat
- Roblox
The information probably originated from infostealer malware. This application silently steals data from compromised devices. Once installed, it captures passwords, cookies, and autofill information.
It was removed from the database after Fowler disclosed it.
But there's no possible way to know if it had been accessed previously. If you use any of these products, you should immediately change your password. (New York Post)
Coin base Data Breach – Insider Threat Exposes 69,000 Users
Coinbase, one of the prominent cryptocurrency exchanges, found an extensive breach on May 11, 2025. The hackers bribed foreign customer support contractors to steal account information. The attack began on December 26, 2024, but was not detected until May.
What Was Stolen:
- Contact information and names
- Partial Social Security numbers
- Masked banking information
- ID photos
Surprisingly, no crypto keys or funds were accessed. Yet, the breach can cost Coinbase a maximum of $400 million. As a result, the company terminated contracts with remote support teams abroad. They also established a new U.S.-based support center.
The hackers wanted $20 million to remain silent about the ongoing information. This example demonstrates why businesses should thoroughly vet third-party partners.
Marks & Spencer Cyberattack – Scattered Spider Strikes Again
Marks & Spencer (M&S), a large UK retailer, was hit with a ransomware attack in May 2025. The Scattered Spider group attacked using DragonForce malware to encrypt systems at 1,400 stores. The attack occurred over the Easter weekend when security monitoring was less stringent.
Impact Details:
- Hundreds of thousands of affected customers
- Customer information stolen
- No payment information indicated as compromised
- Expected loss: £300 million ($400 million)
The breach probably involved M&S IT partner, Tata Consultancy Services. The hackers exploited social engineering. As a result, online shopping systems were brought down for weeks. The recovery efforts dragged on into July 2025.
The attack was within a larger campaign aimed at UK retailers. Co-op and Harrods were also subjected to similar attacks during the same period.
Coca-Cola Middle East Ransomware Attack
The Everest ransomware group attacked Coca-Cola's Middle East operations. They took sensitive employee records and demanded a ransom of $20 million. When Coca-Cola would not pay, the hackers dumped the data on the internet.
This incident demonstrates that even international brands are not immune. Ransomware groups are becoming more aggressive. They are hitting large corporations and asking for enormous ransoms.
LexisNexis Data Breach – 364,000 Records Compromised
LexisNexis, an analytics company, was breached via its GitHub account. The attack revealed data on more than 364,000 individuals.
Compromised Information:
- Names
- Social Security numbers
- Contact details
- Driver's license numbers
The breach occurred due to weak security on the company's code repository. It showcases how even technology-based companies can commit simple security errors.
How to Protect Your Business from Data Breaches
Conduct Regular Security Assessments
You need to know where your weaknesses are. That's where penetration testing comes in. Companies like OraSec specialize in finding vulnerabilities before hackers do.
OraSec provides expert-led penetration testing services. Their team has identified vulnerabilities for over 400 companies worldwide. They simulate real-world attacks to uncover hidden risks. Moreover, they provide comprehensive reports with actionable steps.
What OraSec Offers:
- Detailed vulnerability assessments
- Expert penetration testing
- Customized security solutions
- Compliance support for regulations like HIPAA and GDPR
Penetration testing should happen at least once a year. You should also test after major system changes. OraSec makes this process smooth and minimally disruptive to your operations.
Why OraSec Is Your Best Defense Against Breaches
OraSec helps companies stay ahead of cyber threats. Their penetration testing services uncover vulnerabilities before hackers find them. As a result, you can fix problems before they become breaches.
Key Benefits:
- Protect your business reputation
- Maintain customer trust
- Ensure regulatory compliance
- Prevent costly breaches
They provide tailored solutions based on your specific risks. Additionally, their reports include clear, prioritized recommendations.
Testing takes between one to four weeks depending on your systems. The process is designed to minimize disruption. You'll get a detailed report explaining every vulnerability found.
Don't wait for a breach to expose your weaknesses. Schedule a demo with OraSec today and protect your business before hackers strike.
Conclusion
May 2025 showed us that data breaches are a serious and growing threat. From Coinbase's insider attack to M&S's ransomware disaster, the incidents affected millions of people. The common thread? Weak security at vulnerable points.
Your business doesn't have to be the next victim. Take action now to protect your systems and data. Work with experts like OraSec to find and fix vulnerabilities. Implement strong security practices across your organization.
Remember, cybersecurity isn't just an IT problem. It's a business priority that affects your reputation, finances, and customer trust. The breaches of May 2025 prove that no one is immune. But with the right approach, you can significantly reduce your risk.
Don't wait for attackers to find your weaknesses. Schedule a demo with OraSec today and take control of your security before it's too late.
