If anything, 2026 has made it clear that cyber security is no longer a background concern—it’s front and center, woven into nearly every major story of the year. Yes, wars are still raging, the climate continues to worsen, and we’re seemingly one dark sneeze away from the next global pandemic.
But underneath it all is a digital current that touches everything: wars being fought on digital fronts as well as physical ones, governments weaponizing citizens’ data against themselves, botnets quietly undermining democratic institutions, nation-state hackers targeting civilian infrastructure from power grids to water systems, and ransom gangs paying massive corporate gangs. Attacks are becoming bolder, more destructive and harder to contain.
As we’re halfway through this already horrific year of digital attacks and hybrid warfare, we’re taking a look at some of the worst hacks and breaches so far and how they might affect us in the future.
Questions remain about DOGE’s massive swipe of Social Security data
A year later, after entrepreneurs with the Elon Musk-led group of government destroyers known as the Department of Government Efficiency (or DOGE) hijacked and dismantled federal agencies from the inside out, we’re still learning about the data breaches that occurred under their watch.
After DOGE entered the Social Security Administration, it remains unclear what happened to some of the country’s most sensitive data as lawsuits play out in federal court. The whistleblower’s most troubling claim is that DOGE uploaded a live copy of the Social Security database to an unsecured third-party server, leading to a scramble to understand what was stored on it. This database reportedly contained the Social Security numbers and related personal information of most living Americans.
In court filings, the Social Security Administration said it doesn’t know for sure what was on the server, but said DOGE signed an agreement with an outside political advocacy group under the guise of finding evidence of voter fraud, which President Trump continues to claim without any evidence. The fear is that the database could be misused to target Americans for false reasons.
Two of the top House Democrats investigating some of DOGE’s activities at the Social Security Administration said that the report of the government’s Social Security database “could very well be the largest data breach in our nation’s history.”
Hackers are increasingly targeting water systems and energy networks
A wave of cyber-attacks across Europe targeting civilian sources of energy and water, such as power plants and water dams, has set a worrying trend in recent times. Several intrusions attributed to (or at least partially blamed on) Russia have risked harming communities and populations in the real world.
Targets included Poland’s energy grid, hit at the end of last year by malware that destroys computers, as well as a Swedish thermal unit and a Norwegian dam that dumped water into the pools. Hackers targeted Poland again earlier this year, this time its water treatment plants, showing that Russia’s hybrid warfare rivalry continues to extend beyond the digital realm.
Now, thanks to the recent war pitting the US and Israel against Iran, there are warnings that Iranian hackers are targeting critical infrastructure in the United States. This includes private utilities, which often lack basic cyber protections and remain a soft target for hackers.
Iranian government hackers hit Stryker with a devastating device hack
Speaking of Iran, a cyber attack on an American medical technology company, Stryker, in March saw Iranian hackers break into and remotely wipe tens of thousands of employee devices in one fell swoop, causing widespread disruption to the company’s operations for several days.
The breach was a marked shift in Iranian hacking tactics at a time of ongoing war in the Middle East, with Iran moving from its typical focus on espionage and hack-and-leak operations to enhance the country’s political gains, to actively carrying out devastating hacks, ostensibly as retaliation for the war. The US government attributed the hacker group behind the breach to a branch of Iran’s intelligence agency. The breach ended up having a material effect on Stryker’s first-quarter earnings after the company regained control of its systems.
Be aware of ShinyHunters’ annoying hacking campaigns
ShinyHunters continued their hacking campaigns, targeting dozens of companies with simple but highly effective voice phishing techniques. The English-speaking hackers are adept at tricking companies into handing over access to their internal systems by pretending to be IT support, or conversely, an employee who has forgotten their password.
Few know better than education technology giant Instructure the toll that a ShinyHunters hack can take. Hackers breached the company’s leading learning management system Canvas to steal personal data and personal information belonging to over 30 million students and staff. When the company didn’t pay the hackers’ ransom, the hackers broke in – again – and defaced schools’ login screens for Canvas, which students used to access their exam and course materials. This second hack occurred during school finals, disrupting exams for students across the United States. Instructure eventually paid the ransom, despite the FBI’s efforts to prevent the company from paying.
Instructure was far from the only company targeted by the ShinyHunters hackers. The gang is behind some of the biggest breaches by the number of files stolen, including about 40 million files from Internet provider Charter and at least 6 million customer records from cruise ship operator Carnival, among other casualties in higher education, finance and government.


The supply chain is under attack, targeting open source projects and large tech companies
A series of continuous, simultaneous and sometimes overlapping attacks on open source developers has led to massive intrusions targeting major technology companies and their customers.
Some of the biggest names in security, including Aqua Security’s Trivy tool, Bitwarden and Checkmarx, along with other large open source projects, were breached this year, allowing hackers to steal passwords, credentials and other sensitive tokens from the computers of anyone who installed a backdoored copy of the software or had their pre-installed software automatically updated to download the malware.
These attacks used the stolen credentials to spread further and opened the door to downstream compromises of major companies that rely on the targeted software, including artificial intelligence giant OpenAI and web hosting company Vercel. With a new hack almost every week, the open source world remains a vulnerable target in the wider tech ecosystem.
The FBI’s surveillance system was breached, triggering a “major cyber incident”
The US Federal Bureau of Investigation was forced to declare a “major cyber incident” in April, prompting a legally required disclosure to Congress after finding that one of its surveillance systems had been breached. According to reports, the breach probably exposed phone numbers of targets under surveillance by federal agents.
Chinese spies were accused of breaching the unclassified network, which had sensitive information about the targets of the wiretapping and other interception of communications, such as pen register returns. Given that lawmakers were informed, the breach is likely to have met the hurdle of causing “proven harm” to US national security.
Hasbro’s hack led to weeks of downtime
Toy manufacturing giant Hasbro is the latest example of what happens when a large company is hit by a security incident and is unprepared for it. Weeks after hackers were discovered on its systems in late March, the 103-year-old company remained largely offline, its website down and unable to serve its customers.
The company, which owns big-name brands like Transformers, Peppa Pig and Dungeons & Dragons, has said little about the incident itself, what data was taken (if any) and whether it paid the hackers. But the disruption alone is likely to affect the company’s finances, which it was forced to delay as the company tried to handle the incident.
Hasbro said as of mid-May that the hackers were no longer on its systems and that its recovery was underway. However, the financial cost of the breach and the impact on its operations is likely to be realized in the coming months and is expected to be significant.
Millions of passports and driver’s licenses have been exposed in abundance
In the past few months alone, there has been an uptick in major data exposures involving people’s sensitive government-issued identity documents, including scans of passports and driver’s licenses left exposed on the web. From a hotel check-in system and a money transfer app to a prison phone card provider and a UK visa service, these services exposed personal documents of more than two million people that could easily be misused. Many were caused by simple security holes that could easily have been avoided with basic cyber security practices.
These massive data leaks come at a time when apps and gated community sites are increasingly relying on “know your customer” checks to force users to verify their identity before being allowed in, and governments are pushing age-verification laws requiring similar authentication checks from adults to access a huge swath of the internet.
The logic goes that the bigger the leaks, the less effective these authentication systems are, as they can easily be misused with a stolen or leaked passport or driver’s license. The further development of these identity collection systems will inevitably lead to more data breaches and security gaps.
