On the radar: industries leading in data leaks in 2025

Such consequences are the most common. According to analysts from Positive Technologies, in 2024, the most frequent consequence of targeted attacks was data leaks (58%).

Today, among malicious actors, the main forces are focused on compromising the infrastructure of organizations in the fields of e-commerce and retail, as well as the public sector. The reasons for this will be explained by Eduard German, Commercial Director of the company "Anlim", a center of competence in information security.

Thus, retail and e-commerce lead in the volume of leaked information (i.e., scale), as they aggregate significant arrays of data (big data), for example, loyalty programs, shopping carts, and card information. With just one successful attack, malicious actors can steal a million rows at once, which makes these sectors a "gold mine" for them. One reason for the accessibility of this area for hackers' actions is the race for speed, during which new solutions are released to the market before they are tested by cybersecurity specialists. Moreover, access to data can be obtained through the organization's contractors, such as delivery services that do not have the appropriate level of protection. In such cases, attacks occur through supply chains.

Organizations in the public sector also remain leaders, but now in terms of the dynamics and the number of hacking attempts. The trend was only reinforced in 2025. This is related to hacktivists who, due to the current geopolitical situation, want to destabilize the situation in the country, including through attacks on information systems. Additionally, the public sector is characterized by "growing pains": information flows into large databases through State Services, which use outdated software and have a shortage of personnel. Therefore, protecting such a patchwork infrastructure is extremely difficult.

“In addition to hacktivism, attackers steal data for other purposes. Among them, for example, is enrichment: a simple phone number costs pennies, but when matched with purchase data, addresses, and bank details (from various leaks), the price of a profile on the black market skyrockets. Fraudulent call centers are particularly interested in these profiles. Moreover, in 2025, extortion through regulators became relevant, as hackers use significant turnover fines from Roskomnadzor to intimidate organizations. For example, they threaten to leak databases into the public domain. This creates dual pressure on businesses,” said Eduard Herman, Commercial Director of Unlimited Company.

Today, protecting data from leaks allows organizations to preserve not only profits but also their respect among clients and customers. In this process, both working with people and implementing specific cybersecurity solutions are important. However, it can sometimes be difficult to determine what measures need to be taken to protect information. Experts from a competent third-party organization will address this question during an audit. This is a comprehensive check that assesses the completeness of organizational and technical aspects. During this process, it is possible to understand what still needs to be implemented further within the IT infrastructure.