One of the 10 cyber incidents in 2025 was the first documented case of an AI-based espionage campaign, illustrating how artificial intelligence (AI) is being exploited by sophisticated threat actors, according to Tokyo Marine HCC International (TMHCCI), in its sixth consecutive annual cyber principles report.
The report examines the most significant cyber events of 2025, selected for their operational disruption, financial impact and broader implications for the global digital ecosystem.
Compiled by TMHCCI’s cybersecurity team, the report highlights how ransomware, technology supply chain compromises and cloud infrastructure compromises drive systemic cyber risk for organizations worldwide. Events listed – not classified – Spain retail, automotive, cloud infrastructure, telecommunications and luxury goods sectors, including Marks & Spencer, Jaguar Land Rover and Amazon Web Services.
Xavier Marguinaud, head of cyber at Tokyo Marine HCC International, commented, “This past year marked a turning point as it evolved from a theoretical threat to an active one.
“From financial losses to massive cloud outages, the pace of change and how these risks have evolved over the past 12 months has been amazing to see. Tracking these events year-over-year helps the market stay ahead of emerging cyber threats and provide insurers with the best protection.”
The 10 most significant cyber incidents in the TMHCCI report include:
- Marks and Spencer Ransomware incident: Disruption of operations at one of the UK’s largest retailers caused an estimated $300 million impact on operating profit and triggering wider sector-wide impacts as other major UK retailers, such as Co-op and Harrods, experienced cyber incidents.
- Jaguar Land Rover Ransomware Attack: The breach at a British automotive manufacturer has been marked as the most economically damaging cyber incident to hit the UK. The shutdown in vehicle production resulted in a financial loss of $1.9 billion.
- Outages of Amazon Web Services, Azure and CloudFlyer: A series of major outages caused widespread global disruption, highlighting the systemic risk of cloud concentration affecting online services and customer-facing platforms that triggered cascading service failures across SaaS organizations.
- Salesforce/Drift OAUTH massive data breach: The breach has been exploited to gain access to hundreds of Salesforce customer environments, exposing records, compromising millions of customer contact details and account information.
- NPM ecosystem supply chain attack: An IT software provider compromised widely used JavaScript packages, exposing developers and organizations’ environments.
- Oracle Corporation Cloud Platform Alleges Supply Chain Breach: The breach reportedly affected more than 140,000 tenants with risk actors claiming approximately 6.6 million records as a result of the data breach obtained through the login endpoint.
- APT Group used Cloud AI to execute A-orchestrated cyberattacks: Marking one of the first known AI-he-estrated cyberattacks on a state-sponsored cyber-espionage company scale, Cloud AI was used to lead a large-scale autonomous attack targeting 80-90% automation with 30-90% campaign.
- SK Telecom: A cybersecurity breach discovered in April exposed the data of about 27 million users, creating a widespread risk of SIM cloning, and identity theft. The attackers had maintained undetectable access since June 2022.
- Keyring Group: Fashion brands including Gucci, Balenciaga and Alexander McQueen were hit by a cyberattack that exposed the personal information of millions of customers globally, after unauthorized third parties temporarily gained access to Keyring’s internal systems.
- Asahi Group Holdings: A discovered cyberattack forced the company to suspend key operational systems in Japan, causing massive disruption to order processing and shipments.
Tokyo Marine HCC, a member of the Tokyo Marine Group, was established in 1879 with a market capitalization of $81 billion as of September 30, 2025. Based in Houston, Texas, Tokyo Marine HCC is a specialty insurance group with offices in the United States, Mexico, United Kingdom and Continental Europe.
Source: Tokyo Marine HCC International (TMHCCI),
Titles
Cyber
Interested Cyber?
Get automatic alerts for this topic.
