Knowledge

State of (in)security - Week 21, 2025

Take action: Three examples of insider threats in a single week. However unpleasant, insider controls are very important and insider abuse is a very real thing.


Learn More

In the week between May 19, 2025, midnight and May 26, 2025, midnight we witnessed a total of:

  • 13 advisory/vulnerability events
  • 17 incident/data breach events

Week over Week comparison of week 21 2025 vs week 20 2025:

We also shared 3 practical knowledge items


Total impacted individuals via the events of the week

There were a total of 184,023,771 impacted individuals across 4 incidents, with the largest breach being the Unsecured database of stolen credentials leaks 184 million credentials incident exposing 184,000,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.

Cause breakdown of incidents

CauseNumber of incidents
Malware, Ransomware and Related Attacks5
Human bad security behaviour3
Software Vulnerability and SDLC Exploits2
System Misconfiguration Exploits2
Third Party Compromise1
Unauthorized access1

Industry breakdown of incidents

IndustryNumber of incidents
Healthcare2
Telecommunications2
Food and Beverage2
Finance1
Government1
Insurance1
IT/Software/Technology1
Other1
Retail1
Consulting/Professional Services1
Transport/Logistics1
Education1
Entertainment/Leisure1

Read the Event Details of the Week

Knowledge

Vulnerabilities

Incidents

State of (in)security - Week 21, 2025