14.9 million records exposed in July 2025
July 2025 was a brutal month for digital security. A recent report reveals at least 29 major cyber incidents that exposed a staggering 14.9 million records worldwide. While this number is a minimum count—since many attacks didn't disclose the full extent of the damage—it's a clear signal that no industry is safe, from retail and travel to government and healthcare.
Who Got Hit the Hardest?
The biggest victims were major companies with vast customer data. A supply-chain attack on Co-op's loyalty program provider exposed 6.5 million records of names, emails, and phone numbers. Following closely, Qantas suffered a breach of a third-party system, leading to the potential leak of 6 million customer records, including frequent-flyer details. The insurance company Allianz Life also lost the majority of its 1.4 million customer records due to a compromised cloud platform.
Modern Threats: It's Not Always About Ransomware
The report highlights a disturbing trend: hackers are increasingly exploiting weaknesses in third-party vendors and partner systems. The most common entry points were vulnerable supply chains, poorly configured cloud storage, and simple credential abuse. This shows that even if your own defenses are strong, a partner's weakness can bring you down.
Additionally, not all attacks involve extortion. Several high-profile cases, like those against Dell and Louis Vuitton, involved pure data theft with no ransom demand. This signals a shift in motivation—from financial gain to simply stealing valuable information.
Ultimately, July's cyber events serve as a powerful warning. The most significant threats are no longer just massive, head-on assaults, but cunning, targeted attacks that exploit the weak links in our digital ecosystems.
source :https://www.itgovernance.co.uk/blog/global-data-breaches-and-cyber-attacks-in-july-2025
