Here in the UK, we suffered a number of huge cyber-security incidents in 2025.
April-May 2025 — Marks & Spencer Cyberattack
In late April, Marks & Spencer (M&S) was hit by a sophisticated ransomware-style breach that disrupted its online ordering systems, contactless payments, and “click & collect” services. The incident forced M&S to take its website offline for weeks, blocking online sales throughout April and May 2025, with estimated profit losses of up to £300 million and more than £1 billion wiped from market value. The attack reportedly used social engineering against a third-party service provider.
May 2025 — Co-operative Group (Co-op) Cyber Incident
Just days after the M&S breach, the Co-operative Group experienced a related cyber incident, which appears to have been an attempted ransomware attack. Its security teams contained the full encryption, but attackers gained access to internal systems and exfiltrated sensitive customer/member data for around 6.5 million members. Operational disruption still affected stores and services.
Late April-Early May 2025 — Harrods Cyber Incident
In the same period, Harrods reported attempts at unauthorised access that led to precautionary system shutdowns. Initial attempts caused minimal operational impact, but later in the year reported a separate supplier-related breach exposing customer information (~430,000 records) before containment.
September 2025 — Jaguar Land Rover Production Halt
On 31 August to 1 September, Jaguar Land Rover (JLR) suffered a major cyberattack that prompted the company to take down internal systems to contain the intrusion, effectively halting vehicle production at UK plants in early September 2025.
The stoppage extended for weeks, with estimates indicating roughly £1.9 billion (≈ US $2.5 bn) in losses to the UK economy due to lost production, supply-chain impacts, and operational costs — making it one of the most financially damaging attacks of the year.
20 October 2025 — Amazon Web Services (AWS US-East-1) Outage
Amazon Web Services experienced a significant global outage centred on its US-EAST-1 cloud region, caused by a latent internal DNS configuration issue that prevented service routing. The outage lasted more than 15 hours and disrupted services reliant on AWS including Slack, Snapchat, Canva, Duolingo, and many others, illustrating how cloud platform failures can ripple globally.
18 November 2025 — Cloudflare Global Outage
Cloudflare — a major global internet infrastructure and security provider — suffered a widespread outage triggered by a database configuration issue affecting its bot management systems. The failure caused HTTP 500 errors across a large portion of the web, temporarily impacting access to major platforms like X (Twitter), ChatGPT/OpenAI services, and other high-traffic sites before resolution later that day.
What This Timeline Shows
Across 2025, the spectrum of incidents ranged from criminal breaches targeting retailers and manufacturers to systemic infrastructure failures that were not malicious but nonetheless severe in effect:
• Data breaches and ransomware continued to plague major brands, disrupting operations and exposing customer/member information.
• Industrial and supply-chain impacts were illustrated starkly by the JLR production halt.
• Cloud infrastructure availability issues demonstrated systemic risk: even non-attack outages can bring down wide spans of connected services and highlight dependency risks in modern digital ecosystems.