2025’s costliest US breaches: identity, outage math, outcomes

Identity-led intrusions at distributors, govtech, healthcare, and an appliance vendor drove nine-figure losses. Outage duration and revocation speed determined the spread between disruption and recovery.

2025’s priciest breaches weren’t “elite malware.” They were tokens + SaaS + downtime 🪙⏱️🔥
If your revoke MTTR is measured in days, the attackers already won.

2026’s nastiest SaaS breaches will ride valid tokens + “trusted” apps. We already got the trailer with the Salesloft/Drift OAuth blast radius. And the browser? Yeah, it’s part of the perimeter now. 😬🔑💬