Data Breaches in June 2025 left behind a string of major incidents that exposed sensitive information and interrupted services across industries.
 From global airlines to municipal governments and investment platforms, no area was untouched. Hawaiian Airlines faced an internal systems disruption, Zoomcar dealt with the exposure of millions of user records, and one of India’s largest financial firms saw the theft of digital gold. These attacks exploited weaknesses in infrastructure, vendor relationships, and identity systems.
This report breaks down each major incident from June, focusing on the scale, the method, and what it signals about current cybersecurity priorities. Let’s dive in and explore all the breaches!
Let’s dive in all the 6 Data Breaches in June 2025
1. 16 Billion Credentials Leaked in Historic Data Dump
How the Breach Happened?
This breach wasn’t the result of a single attack but a massive data dump compiled from infostealer malware infections across millions of devices. Threat actors had been collecting credentials through compromised systems for years, and the full dataset, 16 billion records was eventually leaked online.
What Data Was Exposed?
Email addresses, usernames, and passwords tied to services like Google, Apple, Facebook, Netflix, Microsoft, and various government portals.
Number of Affected Individuals
The credentials were sourced from over 750 million infected devices, potentially impacting billions of online accounts.
Vendor Involvement
No single vendor was breached. However, the data belonged to accounts from multiple platforms collected via malware.
Business Impact
Widespread risk of credential stuffing, account takeovers, phishing campaigns, and impersonation attacks.
Company Response
As there was no single company responsible, responses came from various cybersecurity experts urging users to reset passwords and use MFA.
Key Lesson
Infostealer malware has a long tail. Even if no direct breach occurs, stolen credentials can be quietly collected and dumped later, causing mass exposure.
Source: Economic Times
2. Zoomcar Breach Exposes Data of 8.4 Million Users
How the Breach Happened?
Hackers exploited an unpatched API vulnerability in Zoomcar’s backend systems to access user data. A sample dataset containing millions of records was later found on the dark web.
What Data Was Exposed?
Names, mobile numbers, email addresses, home addresses, and vehicle registration details.
Number of Affected Individuals
Approximately 8.4 million users.
Vendor Involvement
No third-party vendor was reported to be involved.
Business Impact
The breach triggered user privacy concerns and could lead to phishing and identity fraud.
Company Response
Zoomcar initiated internal investigations, alerted law enforcement, and cooperated with CERT-In to assess and contain the damage.
Key Lesson
APIs are high-value targets; secure coding and continuous testing are essential for customer-facing platforms.
Source: Times Of India
3. Bank Sepah Outage Triggers Speculation of Cyberattack
How the Breach Happened?
The incident was likely caused by unauthorized physical access to a server facility, possibly linked to sabotage or a targeted cyberattack. Video evidence showed individuals interfering with core infrastructure.
What Data Was Exposed?
While data exposure is unconfirmed, analysts suspect potential data deletion or corruption affecting banking systems.
Number of Affected Individuals
Unknown, but widespread service disruptions suggest millions of customers may have been indirectly affected.
Vendor Involvement
None disclosed, though supply chain or insider risks are being explored.
Business Impact
Nationwide outages in ATM, mobile, and fuel payments caused public and economic disruption.
Company Response
Officials denied a cyberattack initially, but regulators launched a review of systemic resilience.
Key Lesson
Physical security and infrastructure redundancy are just as critical as network defense in sensitive sectors.
Source: DarkReading
4. Aflac Discloses Customer Data Breach
How the Breach Happened?
Cybercriminal group “Scattered Spider” exploited stolen credentials to access internal systems and exfiltrate sensitive data.
What Data Was Exposed?
Social Security numbers, health data, and insurance claims information.
Number of Affected Individuals
Exact numbers are not public, but the exposure includes sensitive records from policyholders.
Vendor Involvement
No third-party involvement disclosed at this stage.
Business Impact
Potential legal exposure, loss of trust, and increased scrutiny from regulators and clients.
Company Response
Aflac engaged cybersecurity experts, informed authorities, and reassured customers their payment systems were secure.
Key Lesson
Insurers remain prime targets due to rich personal data. Lateral movement detection and identity monitoring are crucial.
Source: Wall Street Journal
5. Hawaiian Airlines Cyber Incident Disrupts Operations
How the Breach Happened?
Hawaiian Airlines experienced a cyberattack that affected backend systems. While technical specifics were not disclosed, ransomware is suspected based on disruption patterns.
What Data Was Exposed?
No customer or financial data was confirmed as compromised.
Number of Affected Individuals
Operational systems were impacted, but no passenger data breaches were reported.
Vendor Involvement
No third-party vendor was linked to the incident.
Business Impact
Temporary disruption to internal systems, operational delays, and federal scrutiny.
Company Response
The airline immediately involved cybersecurity experts and informed federal agencies like the FAA.
Key Lesson
Even without data loss, operational tech breaches can cause major business interruptions. Preparedness matters.
Source: Reuters
6. Glasgow City Council Disruption Raises Data Safety Concerns
How the Breach Happened?
Attackers used ransomware to disable public-facing services. Ransom notes were found, indicating financial motivation.
What Data Was Exposed?
Exposure is unconfirmed, but public records and citizen service data may be at risk.
Number of Affected Individuals
Unknown, though system outages affected thousands of residents and city staff.
Vendor Involvement
No third-party vendor has been publicly implicated.
Business Impact
Payment and planning services were suspended, damaging public trust and slowing operations.
Company Response
Glasgow’s IT team isolated systems, restored critical functions, and began forensic investigations.
Key Lesson
Local governments must invest in basic ransomware defenses and offline service continuity.
Source: The Scottish Sun
Final Thoughts
The Data Breaches in June 2025 reinforced a harsh reality: cybersecurity is no longer optional. From stolen digital gold to massive password leaks, the breaches this month exposed the weaknesses that still exist in even the most established organizations. The variety of targets banks, hospitals, universities, airlines, and local governments, shows how no sector is immune. As attackers evolve, so must defenses.
Organizations must move beyond reactive security and embrace proactive risk reduction through real-time threat detection, vendor risk management, regular audits, and employee awareness. These incidents serve as a wake-up call to prioritize cybersecurity not just as an IT issue, but as a business-critical function.
Want to know how your organization would stand against threats like the ones in June 2025? Book a free demo with Strobes to identify and fix security gaps before attackers do.
Also Read: