Most impactful security incidents in technology companies

Explore the most significant cyberattacks and data breaches that have shaken technology companies worldwide. This ranking delves into security incidents that have had a lasting impact on user privacy, corporate reputation, and cybersecurity strategies. Discover how these events have shaped the digital landscape and the lessons learned by industry giants. We analyse the vulnerabilities exploited and the consequences for millions of online service users. Stay informed about the evolution of cyber threats and the importance of data protection in the technology sector.

0100% verified
  1. 1

    Jaguar Land Rover Supply Chain Attack (September 2025)

    0 Global Votes

    This incident is considered one of the most economically damaging cyberattacks in British history, highlighting the deep interdependence of global manufacturing. A single breach rippled across an entire economy, causing significant financial losses and production halts.

  2. 2

    Arup Deepfake (AI-Generated Video Fraud) (January 2026)

    0 Global Votes
    • One of the largest AI-powered financial frauds documented

      (+2)

    This incident illustrates the emerging and sophisticated threat of AI-driven social engineering and deepfakes in cyber-enabled fraud. The use of an AI-generated video to steal a substantial sum marks a new frontier in cybercrime tactics.

  3. 3

    North Korean Cryptocurrency Theft (ByBit Exchange) (February 2025)

    0 Global Votes
    • Largest cryptocurrency heist in history

      (+4)

    This incident represents the largest cryptocurrency theft ever recorded, showcasing the continued targeting of crypto platforms by nation-state actors. It highlights the significant financial risks and vulnerabilities within the digital asset ecosystem.

  4. 4

    Salesloft Drift Attacks (SaaS Supply Chain Attack) (2025)

    0 Global Votes
    • Highlights systemic security blind spot in third-party risk

      (+4)

    This was a major interconnected SaaS supply chain attack, illustrating how trusted SaaS integrations can become powerful attack vectors. It drove renewed scrutiny of OAuth permissions and third-party application governance across numerous high-profile companies.

  5. 5

    Luxshare Ransomware Attack (April 2026)

    0 Global Votes

    The potential exposure of sensitive engineering files and internal product documentation related to high-profile clients could enable reverse-engineering. This incident highlights the significant supply chain risk in the manufacturing sector, especially for key technology assemblers.

  6. All the rankings you can imagine

    Thousands of verified votes to discover the best. Your vote here counts

  7. 6

    Odido Data Breach (February 2026)

    0 Global Votes

    This was a significant breach in the telecommunications sector, demonstrating the vulnerability of personal customer data held by service providers. The exposure of over six million accounts highlights the broad impact such incidents can have on individuals' privacy.

  8. 7

    The 16 Billion Passwords Leak (Google, Apple, Facebook) (2025)

    0 Global Votes

    Described as one of the largest credential-stuffing data dumps, this incident emphasizes the critical need for multi-factor authentication (MFA), stronger password hygiene, and limiting access privileges. It highlights the aggregated risk from malware infostealers and prior breaches.

  9. 8

    2.4 TB Data Leak Caused By Microsoft's Misconfiguration (July 2025)

    0 Global Votes

    This massive data leak highlights the ongoing risk of misconfigured cloud environments, even for major cloud providers like Microsoft. It demonstrates that human error in configuration can lead to significant data exposure, impacting trust in cloud services.

  10. 9

    OnSolve CodeRED Emergency Alert System Disruption (November 2025)

    0 Global Votes

    This was a critical incident affecting public safety infrastructure, demonstrating the potential for cyberattacks to disrupt essential communication systems. The inability to send emergency notifications highlights the severe real-world consequences of such breaches.

  11. 10

    Ivanti VPN Attacks (Ongoing through 2025 and 2026)

    0 Global Votes

    These attacks highlight the critical risk posed by vulnerabilities in widely used network edge devices, which serve as prime targets for initial access brokers and ransomware groups. The aggressive exploitation of Ivanti VPNs demonstrates a persistent threat to organizational perimeters.

  12. 11

    Docker Flaw (CVE-2026-34040) (April 2026)

    0 Global Votes
    • Fixed in version 29.3.1

    This high-severity vulnerability in a fundamental containerization technology poses a significant risk to cloud-native development environments. It highlights the importance of continuous security in widely adopted open-source tools that form the backbone of modern infrastructure.