In 2025, businesses worldwide lost over $1.5 billion from just five major cyberattacks. These weren’t abstract IT problems. They were business killers that shut down stores, emptied bank accounts, and destroyed customer trust overnight.
Here’s what makes this scary: every single attack could have been prevented. The hackers didn’t use secret weapons or impossible-to-stop techniques. They used basic tricks that any business can defend against.
But here’s the good news. Each disaster teaches us something valuable about protecting our own companies. Today, we’ll break down five real-world attacks from 2025 that hit businesses just like yours. You’ll see exactly how they happened, what they cost, and most importantly, how to make sure your business doesn’t become the next headline.
Proactive defense is key — and ensuring compliance is a big part of it. Partnering with a cybersecurity compliance service provider helps your business meet regulatory requirements while reducing risks before hackers even get close.
Marks & Spencer
Who Got Hit: Marks & Spencer (M&S), Britain’s famous clothing and food retailer
How It Happened: On April 25, 2025, hackers used a trick called social engineering to get inside M&S’s computer systems. They pretended to be IT support and tricked employees into giving them passwords. Once inside, they locked up M&S’s entire online shopping system using DragonForce ransomware.
The Damage: M&S couldn’t sell anything online for 15 weeks. Their website, mobile app, and even in-store pickup services went dark. The company lost $404 million in sales while competitors like Next and Sainsbury’s grabbed their customers.
Customer Impact: Shoppers couldn’t buy clothes or groceries online for nearly four months. Many switched to other stores and never came back. M&S had to apologize publicly and offer discounts to win customers back.
Key Lesson for Your Business: Train your staff never to give passwords over the phone. Real IT support will never call and ask for login details. Also, keep your online and in-store systems separate so one hack can’t shut down everything.
United Natural Foods
Who Got Hit: United Natural Foods (UNFI), the company that supplies groceries to Whole Foods and Amazon Fresh
How It Happened: On June 5, 2025, hackers broke into UNFI’s computer network and locked its systems with ransomware. The company had to shut down its warehouses and delivery trucks to stop the attack from spreading.
The Damage: UNFI lost between $350-400 million in sales because they couldn’t ship food to stores. Whole Foods shelves sat empty while customers went elsewhere for groceries.
Supply Chain Impact: This wasn’t just UNFI’s problem. Hundreds of grocery stores couldn’t get deliveries. Some small stores almost went out of business waiting for food shipments.
Key Lesson for Your Business: If your business depends on suppliers, have backup plans. Know who else can deliver your products if your main supplier gets hacked. Also, cyber insurance saved UNFI from total disaster. Make sure you have coverage too.
DaVita
Who Got Hit: DaVita, a kidney dialysis company treating patients across America
How It Happened: In March 2025, the Interlock ransomware gang broke into DaVita’s lab database. They stole personal health information for 2.7 million patients, including names, addresses, and medical details.
The Damage: DaVita spent $13.5 million on cleanup costs, security experts, and patient protection services. While this was small compared to their $12 billion revenue, the reputation damage was huge.
Patient Impact: Millions of people had their private medical information stolen. DaVita had to send letters to every victim and pay for credit monitoring services to protect them from identity theft.
Key Lesson for Your Business: Keep your most sensitive data separate from everything else. DaVita’s smart network design meant hackers only got lab records, not treatment systems. Patients never lost care, which saved the company’s reputation.
Coinbase
Who Got Hit: Coinbase, America’s largest cryptocurrency exchange
How It Happened: In May 2025, criminals bribed Coinbase customer service workers in other countries to steal user data. These inside helpers copied personal information for thousands of customers. The hackers then demanded $20 million in Bitcoin to keep quiet.
The Damage: Coinbase refused to pay the ransom and instead offered a $20 million reward for information about the criminals. The company expects to lose $180-400 million from lost customers and legal costs.
Customer Reaction: Many crypto users felt betrayed that Coinbase’s own workers had stolen their data. The company’s stock price dropped 6.5% when news broke.
Key Lesson for Your Business: Be careful who you trust with customer data. If you use overseas call centers or contractors, watch them closely. Consider hiring your own staff instead of using third-party services for sensitive work.
Aflac
Who Got Hit: Aflac, the insurance company famous for the duck commercials
How It Happened: On June 12, 2025, the Scattered Spider hacking group tricked Aflac’s help desk into resetting passwords. They wanted to steal customer insurance records.
The Damage: Here’s the good news: Aflac caught the hackers within hours and stopped them. No money was stolen, and insurance claims kept processing normally. Investigation costs were minimal.
Why This Attack Failed: Aflac had excellent monitoring systems that spotted the break-in immediately. They also had a solid response plan that let them shut down the attack before it spread.
Key Lesson for Your Business: Quick detection saves millions. Aflac proved that good monitoring and fast response can turn a potential disaster into a minor incident. Invest in tools that watch your network 24/7.
Common Patterns Across All Five Attacks
Looking at these attacks together, three dangerous patterns emerge. First, human error started most of them. Hackers tricked employees with fake phone calls or emails rather than using complex technical attacks. Second, companies with separate systems suffered less damage. When hackers broke into one area, they couldn’t reach everything else. Third, businesses with good response plans recovered faster and cheaper.
Even more important: attackers don’t care if you’re small or large. They hit a massive retailer like M&S and a regional dialysis provider like DaVita with equal force. Size doesn’t protect you. Preparation does.
How Your Business Can Fight Back
Train Your Team: Teach everyone to spot phishing emails and fake phone calls. Make it clear that real IT support never asks for passwords over the phone. Run practice drills so people know what to do when something feels wrong.
Separate Your Systems: Don’t let one hack shut down everything. Keep your payment systems separate from your email. Store customer data away from your daily work files. Think of it like having multiple locks on your house.
Plan for Disasters: Write down exactly what to do if hackers attack. Who calls the police? Who talks to customers? Who handles insurance claims? Practice your plan before you need it.
Get Cyber Insurance: Every company in our examples had insurance that covered millions in losses. This isn’t optional anymore. It’s as important as fire insurance for your building.
Conclusion
These five attacks cost businesses over $1.5 billion in 2025. But they also taught us exactly how to stay safe. The companies that recovered fastest had three things in common: trained employees who spotted trouble early, separate systems that limited damage, and expert help when they needed it most.
Don’t wait until hackers target your business. Learn from these examples now, while you still have time to prepare. The next headline about a devastating cyberattack doesn’t have to be about your company.
Find Expert Help: You don’t have to fight hackers alone. Defend My Business specializes in giving businesses the strategic insights they need to formulate security strategies and procure solutions that protect against exactly these kinds of attacks. They can spot problems before hackers do and help you recover if something goes wrong.







