What You Can Do to Stay Safe
We’re only halfway through 2025, and already this year has seen a surge in sophisticated cyberattacks across the globe. From international retail giants to government agencies, no organization has been immune. The rise of AI-assisted cybercrime is allowing attackers to scale faster, craft more believable phishing lures, and exploit weak links across supply chains and IT infrastructure.
While many of these breaches targeted large enterprises, you shouldn’t think your small business is safe. Many attacks are successful because organizations underestimate their risk.
Below are five of the biggest cyberattacks of 2025 so far, what went wrong, and what you can do to protect your business.
1. DaVita (USA) – Ransomware Cripples Operations
In April, dialysis provider DaVita was hit with a ransomware attack that encrypted critical elements of its network. Despite mitigation efforts, the attack caused disruption to healthcare services. This exposed to significant downtime which is dangerous for the medical sector.
- What Went Wrong: Attackers targeted critical infrastructure with ransomware, likely through a phishing vector or unpatched vulnerability.
- Key Takeaway: Any business that handles sensitive data or critical services is a prime target. Regular backups, robust endpoint protection, and ransomware-specific defense tools are essential.
2. Marks & Spencer (UK) – Three Weeks of Online Outages
In April, the British retail giant had to halt online orders for over three weeks, resulting in a projected £300 million hit to profits. The exact nature of the breach wasn’t disclosed, but operational disruption at this scale points to compromised backend systems.
- What Went Wrong: Prolonged disruption suggests gaps in incident response planning and possibly outdated systems vulnerable to modern threats.
- Key Takeaway: Business continuity and disaster recovery plans are just as important as breach prevention. Conduct regular tabletop exercises and infrastructure assessments.
3. U.S. Office of the Comptroller of the Currency – Government Emails Compromised
Hackers infiltrated the email systems of the OCC, part of the U.S. Treasury Department, exploiting longstanding vulnerabilities. This breach exposed sensitive internal communications and highlighted just how slow some agencies are in patching critical systems.
- What Went Wrong: Known vulnerabilities were left unpatched, and basic cybersecurity hygiene wasn’t enforced at the organizational level.
- Key Takeaway: Regular vulnerability scanning and patch management must be a priority. Even non-technical staff need training on secure email and access protocols.
4. Big Cheese Studio (Poland) – Ransomware Demands in Crypto
This Polish game developer suffered an attack that exposed both its game code systems and employee personal data. The attackers demanded a ransom of 100,000 zlotys in cryptocurrency.
- What Went Wrong: The attackers successfully accessed both intellectual property and internal HR data, likely due to weak network segmentation and a lack of encryption.
- Key Takeaway: Ensure that your sensitive data is isolated and encrypted. Deploy zero-trust policies where possible.
5. Christian Dior Couture (France) – Luxury Brand, Data Breach
In May, Dior confirmed a breach in which customer data was accessed by hackers. While the scope of the breach was limited, the reputational risk was significant for a luxury brand that trades heavily on trust and exclusivity.
- What Went Wrong: Insider threats or third-party vulnerabilities may have played a role. High-end retailers are increasingly targeted for customer lists and payment info.
- Key Takeaway: Review vendor and partner access and enforce multi-factor authentication (MFA) across all accounts, especially those tied to sensitive customer data.
Attack Trends in 2025
These are the top trends we’ve seen so far for attacks in 2025:
- Ransomware is still dangerous, and it’s growing more sophisticated.
- Phishing and social engineering remain key entry points, made worse by AI-generated content.
- Outdated systems and slow patching cycles continue to expose even the most established organizations. Which will get worse as support for Windows 10 ends.
- Third-party vendors and supply chains are now primary targets.
- Reputational risk is growing, especially in industries with high customer trust.
How Small Businesses Can Stay Safe
Small businesses are at risk more than large enterprises. Cybercriminals often sharpen their skills on big targets, then turn their attention to smaller organizations that lack the same level of protection.
Luckily, you don’t need enterprise-level resources to stay secure. What you do need is an active, strategic approach to cybersecurity.
At Baroan Technologies, we recommend:
- Cybersecurity awareness training for employees
- Regular patch management and vulnerability scans
- Managed detection and response (MDR) solutions
- Zero-trust security architecture
- Routine risk assessments to identify vulnerabilities
Learn Your Risk
How vulnerable is your business to a cyberattack? Are your current protections keeping pace with today’s threats, or leaving you exposed?
Find out with a free Cyber Risk Assessment from Baroan Technologies. We’ll help you uncover gaps and take the right next steps to stay secure.
Information Technology Aligned With Your Business Goals?
Baroan is a complete IT services & IT support company working with organizations in Elmwood Park and across the United States of America.
When it comes to IT services and solutions, you need someone who not only comprehends the IT industry but is also passionate about helping clients achieve long-term growth using proven IT solutions. Guy, in leading our company, is committed to helping clients improve their technology in order to develop a competitive edge in their industries.
At Baroan Technologies, Guy Baroan leads a team of dedicated professionals who are committed to delivering exceptional IT services and solutions. With his extensive expertise and hands-on experience, Guy ensures that clients receive the utmost support and guidance in their IT endeavors. Trust in Baroan Technologies to elevate your business systems and stay ahead in today’s competitive landscape.
