Top Cyber Crime Stories of 2025
In 2025, cyber professionals were once again kept on their toes by threat actors in a never-ending cat-and-mouse game. Amidst the chaos, some notable incidents impacted well-known UK companies such as Marks & Spencer, Co-op, and Jaguar Land Rover, making 2025 a memorable year.
1. How government hackers are trying to exploit Google Gemini AI
At the beginning of the year, Google’s Threat Intelligence Group (GTIG) revealed that nation-state-backed threat actors from countries like China, Iran, North Korea, and Russia were attempting to exploit its Gemini AI tool. These threat actors used Gemini for various malicious activities, including reconnaissance, vulnerability research, and post-compromise evasion techniques.
2. Advanced Software fined £3m over LockBit attack
In March, the UK’s Information Commissioner’s Office (ICO) imposed a £3.07m fine on Advanced Computer Software Group for a LockBit ransomware attack in 2022 that affected NHS services. The ICO found gaps in security measures such as multifactor authentication, vulnerability scanning, and patch management.
3. Cyber attack downs systems at Marks and Spencer
In April, Marks and Spencer experienced a significant cyber attack that forced the retailer to take several public-facing services offline. The attack, later attributed to the hacking collective Scattered Spider, was followed by a similar attack on the Co-op Group.
4. Scattered Spider cyber gang turns fire on aviation sector
During the summer, Scattered Spider expanded its attacks to target the insurance and aviation industries. Multiple airlines reported cyber incidents following a warning from Mandiant threat researchers.
5. Four arrested in M&S attack investigation
In July, the National Crime Agency (NCA) arrested four individuals in connection with the M&S and Co-op attacks. The arrests were made in London, Staffordshire, and the West Midlands with support from law enforcement units.
6. Researchers firm up ShinyHunters, Scattered Spider link
In August, researchers uncovered connections between the ShinyHunters hacking collective and Scattered Spider, revealing a partnership in cyber criminal activities targeting various organizations worldwide.
7. Cyber attackers damage Jaguar Land Rover production
In September, Jaguar Land Rover fell victim to a major cyber attack that disrupted production and affected the company’s suppliers, leading to production delays.
8. Oracle patches E-Business suite targeted by Cl0p ransomware
Throughout the summer, the Cl0p cyber extortion gang targeted organizations, including universities and media companies, using a vulnerability in Oracle E-Business Suite. Oracle released a patch to address the remote code execution flaw.
9. Jaguar Land Rover attack to cost UK £1.9bn, say cyber monitors
The cyber attack on Jaguar Land Rover resulted in significant economic losses, with the Cyber Monitoring Centre estimating the cost at £1.9bn. The incident was deemed the most damaging cyber attack in the UK’s history.
10. UK government pledges to rewrite Computer Misuse Act
Towards the end of 2025, the UK government announced plans to reform the Computer Misuse Act of 1990 to protect ethical hackers from prosecution. The proposed changes aim to support cybersecurity efforts in the country.
