August 2025 witnessed a series of data breaches across industries, exposing sensitive information and shaking customer trust. From global technology giants to airlines, credit bureaus, and staffing companies, no sector was spared. These incidents highlight how attackers are refining their methods and exploiting weak links in third-party systems, supply chains, and enterprise software.
Below is a detailed breakdown of top 7 data breaches in August 2025 which were disclosed in August 2025.
1. Google’s Salesforce Breach
Incident Overview
In August, Google confirmed that its Salesforce-hosted customer database had been breached by the well-known hacking group ShinyHunters. Investigators later revealed the campaign began in June 2025 but went undetected for weeks. The breach was part of a larger attack wave targeting Salesforce CRM environments across multiple enterprises.
What Data Was Exposed
The stolen information mainly comprised business contact records, and they included:
- Names
- Email addresses
- Phone numbers
Financial data and credentials were not included in the disclosure, but even contact information (e.g. contact details) can be used in phishing, impersonation, and social engineering attacks.
Number of Affected Individuals
Google has not published exact numbers, but reports estimate millions of contacts were exposed.
Business Impact
The hack called into question the safety of SaaS ecosystems and risks of cloud dependency. In the case of a company of this magnitude as Google, the image of weak vendor controls can affect the business relationship and regulatory oversight.
Company Response
In early August, Google started to alert affected business customers and collaborated with Salesforce to limit the exposure. The company wrote that it is improving SaaS monitoring and strengthening vendor-specific security checks.
Key Lesson
Even highly resourced enterprises are not immune when third-party SaaS platforms are compromised. Stronger vendor governance, continuous monitoring, and proactive breach detection are crucial in today’s interconnected environments.
 Sources: BrightDefense, TrendMicro, Economic Times
2. Air France and KLM Data Breach
Incident Overview
On August 7, 2025, Air France and KLM announced a data breach that was associated with a third-party customer support system. The attackers used the vendor system to gain access to passenger records and information in the loyalty program.
What Data Was Exposed
- Passenger names
- Contact information (emails, phone numbers)
- Flying Blue loyalty numbers
While no payment card or passport data was reported, loyalty points are frequently targeted by fraud rings and sold in underground markets.
Number of Affected Individuals
The airlines have not disclosed exact numbers, but industry reports suggest the breach could cover hundreds of thousands of travelers.
Business Impact
For airlines, breaches create operational disruption and reputational damage. Customer trust is especially fragile in travel, where personal details are closely linked to identity verification, booking, and financial accounts.
Company Response
Both airlines assured customers that they had locked down the affected vendor system and initiated an investigation. They also rolled out alerts to help customers track suspicious account activity.
Key Lesson
Airlines rely heavily on third-party systems for ticketing, loyalty programs, and customer service. Without rigorous vendor risk management, these integrations can become entry points for attackers.
 Source: Forbes
3. Workday Data Breach
Incident Overview
Workday, a global provider of HR and finance software, announced on August 18, 2025 that it too was targeted in the Salesforce exploitation campaign. Attackers leveraged weaknesses in Salesforce integrations to extract data.
What Data Was Exposed
- Names
- Email addresses
- Business phone numbers of Workday contacts
While this breach did not involve employee HR records, exposing professional contact information puts enterprises at risk of targeted spear-phishing attacks.
Number of Affected Individuals
The company has not revealed specific numbers, but analysts suggest the exposure is significant given Workday’s global customer base.
Business Impact
As an HR SaaS leader, Workday faces heightened scrutiny when its own systems or integrations are exploited. The incident risks undermining confidence in cloud-based HR solutions.
Company Response
Workday confirmed the breach but emphasized that no payroll or HR data was impacted. The company said it is strengthening its monitoring of third-party integrations and expanding threat detection.
Key Lesson
This incident reinforces the domino effect of SaaS supply chain risks. When a platform as widely used as Salesforce is compromised, it cascades across numerous organizations.
 Sources: Website Planet
4. TransUnion Data Breach
Incident Overview
On August 28, 2025, credit reporting agency TransUnion revealed a breach that started in July and was traced to a third-party application compromise. The attackers accessed highly sensitive personal records of millions of individuals.
What Data Was Exposed
- Full names
- Personally identifiable information (PII)
- Social Security Numbers
Number of Affected Individuals
The breach impacted 4.4 million people, making it one of the largest exposures of August.
Business Impact
Credit bureaus hold vast databases of identity information used for financial verification, loans, and credit checks. A breach of this nature can lead to identity theft, fraud, and regulatory investigations, significantly harming brand credibility.
Company Response
TransUnion confirmed the breach and is working with regulators, offering credit monitoring and identity theft protection services to affected individuals.
Key Lesson
Organizations that store critical identity data must maintain continuous third-party risk assessments, robust encryption, and real-time exposure monitoring.
 Source: The Record
5. Connex Credit Union Data Breach
Incident Overview
On August 11, 2025, Connex Credit Union in Connecticut disclosed a breach that impacted approximately 172,000 customers.
What Data Was Exposed
The bank confirmed that customer personal data was exposed, though details on the exact categories (financial vs. PII) remain under review.
Number of Affected Individuals
About 172,000 customers were impacted.
Business Impact
Smaller financial institutions often lack the depth of cybersecurity resources available to large banks. As a result, breaches of this scale can create outsized reputational and compliance challenges, particularly around FDIC and state banking regulations.
Company Response
Connex confirmed the breach to regulators and began notifying customers. An internal review and security upgrades are underway.
Key Lesson
Even regional banks are attractive targets. Investment in continuous vulnerability management, penetration testing, and customer notification planning is essential.
 Source: Bleepingcomputer
6. Manpower RansomHub Attack
Incident Overview
On August 12, 2025, staffing giant Manpower confirmed it was attacked by the RansomHub ransomware group. The attackers exfiltrated a massive 500GB of data before demanding a ransom.
What Data Was Exposed
- Corporate files
- Employee and candidate records
- Sensitive personal information
Number of Affected Individuals
The breach impacted 144,189 individuals.
Business Impact
The attack disrupted talent management operations and raised concerns among corporate clients who depend on Manpower for staffing services. Beyond financial loss, the reputational hit may affect long-term client confidence.
Company Response
Manpower confirmed the attack, engaged incident response teams, and is working with regulators. However, leaked data on the dark web suggests that extortion attempts may continue.
Key Lesson
The case demonstrates the evolution of ransomware toward double-extortion tactics, where both encryption and data leaks maximize pressure on victims.
Source: Bleepingcomputer
7. Orange SA Data Leak
Incident Overview
French telecom provider Orange SA was hacked in early August by the ransomware group Warlock. Attackers stole around 4GB of sensitive business data and published it on the dark web.
What Data Was Exposed
- Confidential business user information
- Internal corporate documents
Number of Affected Individuals
Exact counts remain unclear, but leaked datasets suggest significant exposure among Orange’s enterprise clients.
Business Impact
Telecom providers are high-value targets due to their role in critical infrastructure. Public leaks of corporate data can harm relationships with business customers, create compliance issues, and erode trust.
Company Response
Orange confirmed the incident and said it is cooperating with French authorities. The company also initiated additional monitoring to identify misuse of leaked data.
Key Lesson
Telecom firms must prioritize ransomware resilience, vendor oversight, and rapid incident disclosure to protect business users and maintain trust.
 Source: Times of India
Bottomline
The August 2025 data breaches confirm recurring security challenges:
- Supply chain compromises (Google, Workday, Air France/KLM)
- Critical data theft at scale (TransUnion, Connex Credit Union)
- Ransomware with public leaks (Manpower, Orange SA)
Organizations must move from reactive security to continuous threat exposure management (CTEM), supported by risk-based vulnerability management (RBVM). Strobes Security enables enterprises to:
- Continuously identify exposures across SaaS, cloud, and on-prem environments
- Prioritize based on business risk, not just CVSS scores
- Automate workflows for faster remediation
- Validate exposures through Pentesting as a Service (PTaaS)
 Schedule a demo with Strobes to see how our unified platform can reduce your breach risk.
