In December 2025, a series of high-profile cyber attacks, data breaches, and ransomware incidents underscored the unrelenting threat landscape confronting businesses today. From telecommunications giant BT and healthcare platform ConnectOnCall to educational institutions such as Texas Tech University, the month witnessed a disturbing uptick in both frequency and severity of malicious activities.
Major engineering and technological services firms, including ENGlobal and Blue Yonder, were not spared, nor were critical infrastructure providers like Telecom Namibia. Healthcare also took a hit, with Anna Jaques Hospital suffering significant disruptions. Kadokawa, the renowned Japanese game maker, experienced breaches that rattled the gaming community.
Even global energy players like Electrica Group were caught in the crosshairs, alongside medical device company Artivion, proving that no sector is immune to cyber threats. Our monthly compilation delves into the biggest cyber attacks and breaches in December 2024. It also explores how these organisations navigated the aftermath of December’s most significant cyber incidents.
The incidents highlighted in the tables below emphasise the urgent need for businesses to prioritize cybersecurity in 2025. As cyber threats grow more advanced and widespread, it is crucial to adopt a proactive approach rather than a reactive one. This involves creating and implementing comprehensive Cyber Incident Response Plans that are not only strong but also frequently updated to tackle new and emerging threats.
Regular Cyber Tabletop Exercises can offer also valuable insights by replicating real-world scenarios. These cyber-attack simulation based exercises enable your team to practice incident response strategies in a controlled setting. These exercises help highlight potential weaknesses in current plans and enhance coordination among team members. Regular staff training is also vital, as human error remains a major vulnerability in cybersecurity. By educating employees and training executives in crisis management, you can greatly reduce the impact of cyber attacks.
