Saturday, October 25, 2025

October 2025 Data Breach Roundup

 


October 2025 was another tough month for cybersecurity, with millions of personal and enterprise records leaked worldwide. From Qantas and Red Hat to Discord, Williams & Connolly, and SonicWall, threat actors targeted some of the world’s most trusted brands. According to Bright Defense, these are the five biggest breaches of October 2025:

https://www.brightdefense.com/resources/recent-data-breaches/

1. Qantas: 5.7M customer records leaked after ransom demands ignored
2. Red Hat: 570GB stolen from GitHub/GitLab systems, hitting NASA, Cisco & more
3. Discord: Vendor breach exposes 70K users’ data
4. Williams & Connolly: FBI investigating suspected China-linked law firm hacks
5. SonicWall: All cloud backup customers affected in major exposure

Takeaway: Visibility and response speed are everything. Stay patched, stay alert, never assume your backups are bulletproof, and of course, check out Plixer One to combat breaches.

Saturday, October 18, 2025

Nation-State Breach Exposes “Imminent Threat” to Networks

 


One of the biggest cybersecurity stories of the week: thousands of networks — including U.S. government agencies and Fortune 500 companies — are facing an “imminent threat” following a major breach at Seattle-based software maker F5. Investigators say a China-linked nation-state actor maintained long-term, covert access to F5’s systems for nearly a year, stealing BIG-IP source code, customer configurations, and data on unpatched vulnerabilities.

While F5 insists the threat is contained — and firms like CrowdStrike and Mandiant have validated their findings — the potential exposure is massive. CISA and the UK’s NCSC have issued emergency directives urging organizations to patch immediately, harden BIG-IP appliances, and tighten network visibility. Given BIG-IP’s critical role in global infrastructure, this isn’t a drill — it’s a wake-up call for defenders everywhere.

https://my.f5.com/manage/s/article/K000154696
https://www.securityweek.com/f5-hack-attack-linked-to-china-big-ip-flaws-patched-governments-issue-alerts/
https://arstechnica.com/security/2025/10/breach-of-f5-requires-emergency-action-from-big-ip-users-feds-warn/

Saturday, October 11, 2025

The Real Cost of Cyber Risk in 2025: What Cyentia’s IRIS Study Reveals

 


The Cyentia Institute’s 2025 Information Risk Insights Study (IRIS) is here — and this year’s theme is Time. Tracking over 150,000 cybersecurity incidents from 2008 to 2024, the data reveals just how fast (and how far) cyber risk has evolved. Here’s what stood out:

* 3,000 major security incidents now occur every quarter — a 650% increase in 15 years.
* Average losses have soared from $190,000 to nearly $3 million.
* Smaller businesses (under $100M in revenue) now represent the largest share of incidents, shattering the myth that they’re too small to target.

Cyentia’s mission: cut through the fog of fear, uncertainty, and doubt — and help you see risk more clearly. Plixer’s mission: give IT and SecOps teams the visibility and control to do something about it — turning network flow data into actionable insights for faster detection, investigation, and response. Understanding time and risk together can reshape how you protect your organization.

https://www.cyentia.com/wp-content/uploads/2025/06/IRIS-2025.pdf

Sunday, October 5, 2025

1.5 Billion Salesforce Records at Risk at Scattered Lapsus$ Hunters Dark Web Site


 

A new wave of extortion attacks is targeting Salesforce environments across major companies — and the scale is massive. A group calling itself the Scattered Lapsus$ Hunters, reportedly linked to ShinyHunters, Lapsus$, and Scattered Spider, claims to have stolen 1.5 billion Salesforce records. The stolen data allegedly includes personal info, shipping details, and even chat transcripts from integrations with the Salesloft Drift chatbot.

The attackers have already listed 39 major brands — including Disney, Cisco, McDonald’s, IKEA, and FedEx — on a dark web data leak site, demanding ransom not just from victims but from Salesforce itself. If payments aren’t made, they threaten to leak the data publicly after October 10.

While Salesforce maintains that its platform wasn’t directly breached, the incident highlights a growing truth: third-party integrations are now one of the biggest attack vectors in modern supply chains. Stay alert. Audit your integrations. Trust, but verify.

https://plixer.zoom.us/webinar/register/WN_vdUGj1AwSdyPMcUSyiWS_Q#/registration