December 2025 has seen several major data breaches come to light, affecting millions of individuals across multiple industries. Here are the three most significant breaches making headlines this month.
1. Marquis Software Solutions – 780,000+ Affected Across 74 Financial Institutions
In early December, fintech provider Marquis Software Solutions disclosed a devastating ransomware attack that compromised sensitive data belonging to over 780,000 individuals across 74 banks and credit unions nationwide.
What Happened
The breach occurred on August 14, 2025, when attackers exploited a vulnerability in a SonicWall firewall used for remote access. The Akira ransomware gang is suspected to be behind the attack, having been known to target SonicWall devices since 2024.
Data Exposed
- Names, dates of birth, and addresses
- Social Security numbers and taxpayer IDs
- Bank account numbers
- Debit and credit card numbers
- Contact information
Affected Institutions
The breach impacted community banks and credit unions across the country, including Maine State Credit Union, Capital City Bank Group, CoVantage Credit Union, and Suncoast Credit Union, among many others.
Marquis has implemented enhanced security controls and is offering affected customers free credit monitoring and identity theft protection services.
2. Coupang (South Korea) – 33 Million Customers
South Korean retail giant Coupang announced in December 2025 that approximately 33 million customers had their personal information stolen in a months-long data theft operation.
What Happened
The data theft began in June 2025 but was not detected until November. The breach went unnoticed for months, allowing attackers extended access to customer data. The fallout from this incident was so severe that it led to the resignation of the company’s CEO.
Context
This breach is part of a troubling pattern in South Korea, which has experienced a major data breach every month this year. Other affected organizations include SK Telecom, which had 23 million customer records exposed earlier in 2025.
3. PowerSchool – 62 Million Students and 9.5 Million Educators
The PowerSchool data breach continues to send shockwaves through the education sector in December 2025. While the initial breach occurred in December 2024, the full scope and ongoing consequences have dominated headlines throughout 2025.
What Happened
Attackers used a single compromised credential to breach PowerSchool’s customer support portal, gaining access to the company’s school information system (PowerSchool SIS). The intrusion began on December 19, 2024, and went undetected for nine days.
Scope
The breach affected more than 18,000 schools across North America, exposing data for approximately 62 million students and 9.5 million educators. Court documents from May 2025 confirmed this staggering scope.
Data Exposed
- Names and contact information
- Dates of birth
- Social Security numbers
- Limited medical alert information
- Complete historical student and teacher records
Ransom and Ongoing Extortion
PowerSchool paid approximately $2.85 million in Bitcoin after receiving an extortion demand. Despite receiving a video allegedly showing the data being deleted, attackers continued sending extortion emails to schools in Canada and North Carolina as recently as May 2025, proving the data was never actually destroyed.
Key Takeaways
These breaches highlight several critical vulnerabilities in today’s digital landscape:
- Third-party vendor risk: Both Marquis and PowerSchool breaches demonstrate how attackers increasingly target service providers to access data from multiple downstream organizations.
- Credential security: Single compromised credentials enabled catastrophic access in multiple cases.
- Detection delays: The Coupang breach went undetected for months, allowing extensive data exfiltration.
- Ransom payments do not guarantee safety: PowerSchool’s payment did not prevent continued extortion attempts.
Protect Yourself
If you believe you may have been affected by any of these breaches:
- Monitor your credit reports and financial statements closely
- Consider placing a credit freeze with the major credit bureaus
- Be vigilant for phishing attempts that may use your stolen personal information
- Take advantage of any free credit monitoring services offered by the affected organizations
Stay informed about the latest data breaches by subscribing to our newsletter.