8. Google/Apple/Samsung Galaxy password breaches
When: April and May
What happened?
Password breaches at various tech giants have never been far from the headlines in 2025.
In April, Samsung warned that some of its Galaxy devices store passwords in plaintext.
Then in May, it emerged that over 184 million login credentials tied to Google, Apple, Microsoft, Facebook, Instagram, Snapchat and other platforms were exposed in a major data breach.
The latter was labelled a “cybercriminal’s dream”.
Who nominated it, and why?
Performanta CEO Guy Golan put the Samsung Galaxy breach among his four most-significant incidents of the year, while the Google and Apple breach was among Sapphire CEO Ian Thomas’ picks.
“I’m less worried about it since most passwords have been in circulation for a very long time. And, multi-factor authentication is normally a great option to negate this breach,” the former said, however.
Channel takeaway:
Considering these incidents impacted consumers and not business, it’s hard to say.
But Thomas pointed out that cybersecurity researcher Jeremiah Fowler found the database sitting online without encryption or any password protection – meaning anyone could access it. He recommended deleting old sensitive messages and using encrypted storage for sharing important files.
Seven cyber-attacks were considered more significant by our leadership panel. See next page for more…