Westminster City Council
November 24, 2025
•[ service disruption ]
Westminster City Council was impacted by the same cyber incident identified on November 24, resulting in disruption to some online services and phone systems. The council reports that services are running but some disruption remains. No data compromise has been confirmed.
EIRC SPb JSC
November 24, 2025
•[ DDoS ]
A DDoS attack on November 24 disrupted customer access to personal accounts used for submitting meter readings at EIRC SPb JSC. The organization reported temporary unavailability of payment and meter-reading services and worked to restore operations. The incident followed unrelated scheduled maintenance the prior day.
The Miller Financial Group
November 24, 2025
•[ data leak ]
Unauthorized access to internal systems at The Miller Financial Group exposed sensitive personal data for at least seven Massachusetts residents, including names, Social Security numbers, state-issued IDs, and financial institution information. TMFG notified the Massachusetts Attorney General on November 7, 2025 and issued consumer notification letters.
Psyonix (Rocket League)
November 24, 2025
•[ denial of service, service disruption ]
Psyonix reported that Rocket League servers were experiencing ongoing attacks that caused service disruptions; the studio implemented code optimizations and new DDoS detection to reduce attack impact but did not report any data theft or identify the attackers. Initially, attackers would join a match, launch their attack, and disconnect all of the other players, forcing an unintentional forfeit. As long as the attacker is the last player to leave a match, they earn the win.
Milano Ristorazione
November 24, 2025
•[ ransomware, malware ]
On November 24, 2025, Milano Ristorazione experienced operational malfunctions caused by a LockBit 5.0 malware infection impacting internal systems. The disruption affected catering and restaurant service operations and triggered an investigation by authorities. No data theft or encryption was reported.
Village of Golf Manor
November 24, 2025
•[ ransomware ]
The Village of Golf Manor reported a ransomware attack that fully encrypted all municipal computer systems, including backups, resulting in a complete operational outage; no data theft or actor attribution was confirmed.
Southold
November 24, 2025
•[ cyberattack, service disruption, government ]
Southold, New York suspended public access to its Laserfiche online record-keeping system for more than six weeks following a cyberattack reported to have breached town servers on November 24, 2025. According to reporting cited in the post, the town planned approximately $500,000 in security upgrades funded via a bond before restoring public access to Laserfiche, and officials stated they could not provide a timeline for restoration as of January 12, 2026. The confirmed impact described is prolonged loss of public access to the online records system while remediation and security hardening continued; public reporting in the cited excerpt did not confirm data theft or enumerate affected records.
Iberia Líneas Aéreas de España S.A.
November 23, 2025
•[ data leak ]
Spanish flag carrier Iberia began notifying customers after discovering that unauthorized access to a suppliers systems had exposed limited loyalty-program data, including names, email addresses and Iberia Club card IDs, while emphasizing that passwords and payment information remained safe; the airline activated its security protocols, added additional protections around account email changes, notified regulators, and continues to investigate the vendor breach and a purported 77 GB data listing on hacker forums.
Department of the Interior and Local Government (DILG)
November 23, 2025
•[ data leak, hacktivism ]
Hacktivist group HappyGoLuckyPH claims to have infiltrated the Philippine Department of the Interior and Local Governments intranet and exfiltrated about 400GB of internal government data, including personal and financial details of roughly 10,000 employees and contractors, while DILG publicly states it is still verifying the alleged breach and says core systems remain stable; despite the ongoing verification, the combination of leaked samples and size claims is treated here as a successful cyberattack involving significant data theft.
Adda.io
November 23, 2025
•[ data leak ]
Data breach at Adda.io: a hacker using the alias Blinkers posted a dataset claiming to contain personal information for approximately 1.86 million users, including names, phone numbers, email addresses, owner IDs, and MD5-hashed passwords.
Jackson County Public Schools
November 23, 2025
•[ denial of service, service disruption ]
A reflection DDoS attack on November 23 targeted the district firewall, taking down internet, Wi-Fi, phones, and internal systems for Jackson County Public Schools in North Carolina. Schools closed on November 25 due to continuing network instability. Officials reported no evidence of student or staff data access or theft.
Precipio Inc.
November 23, 2025
•[ unauthorized access, data leak, protected health information ]
Precipio posted a Notice of Data Event stating it learned on or about November 25, 2025 that an unauthorized user accessed an employees cloud-based storage account. The companys investigation (with third-party cybersecurity specialists) determined the unauthorized access occurred on or around November 23, 2025 and that certain files in the account were copied without authorization. Precipio stated the impacted information varies by person but may include identifiers and protected health information such as names, addresses, MRNs, DOB, clinical/treatment and procedure information, provider name, prescription information, and health insurance information. The notice said law enforcement was notified and that additional notifications would follow after file review completion.
French Football Federation (FFF)
November 22, 2025
•[ data leak, unauthorized access ]
The French Football Federation disclosed that an unauthorized party accessed administrative software on November 22 and exfiltrated personal and membership information for registered members; no operational disruption or actor attribution was identified.
City of Attleboro Massachusetts
November 21, 2025
•[ ransomware ]
City officials in Attleboro Massachusetts reported a cybersecurity incident that took numerous municipal information technology systems offline leaving all non emergency phone lines and citywide email unavailable while public safety operations and 911 calls continued and investigators from city state and federal partners worked to contain and remediate the disruption
"Other Ukraine" Movement website
November 21, 2025
•[ ddos ]
The website of the pro-Russian political movement 'Other Ukraine', led by Viktor Medvedchuk, was hit by what the organization described as a powerful DDoS attack that overwhelmed its online infrastructure. The traffic flood knocked the site offline, forcing technical staff to work on restoring access while warning supporters via Telegram about repeated waves of DDoS activity since September. The incident disrupted the movements ability to publish statements and reach supporters but did not involve data theft.
Resecurity honeypot
November 21, 2025
•[ honeypot, data leak, threat intelligence ]
Threat actors identifying as 'Scattered Lapsus$ Hunters' claimed they had gained full access to Resecurity systems and stolen employee data, internal chats/logs, threat intelligence reports, and client lists, posting screenshots on Telegram. Resecurity denied that its production environment was breached and said the actor interacted with an isolated honeypot account and systems populated with synthetic (fabricated) customer, employee, and payment data. Resecurity reported it first detected suspicious probing activity on November 21, 2025 and monitored subsequent automated extraction attempts against the decoy environment, treating the incident as an intrusion attempt rather than a confirmed compromise of real systems/data.
Almaviva S.p.A.
November 20, 2025
•[ data leak ]
Threat actor breached Almaviva (IT services provider for FS Italiane Group), exfiltrated about 2.3TB of internal data including technical documentation, contracts, accounting records, HR archives and multicompany repositories across several FS Group companies; data appears recently generated (Q3 2025); Almaviva confirmed a breach, isolated systems, and launched response procedures.
Cleveland County Sheriff's Office (Oklahoma)
November 20, 2025
•[ ransomware, government ]
The Cleveland County Sheriffs Office in Oklahoma reported that a ransomware attack against portions of its internal computer systems was underway as of November 2021, 2025; officials emphasized that 911 and public safety response were not disrupted, but the countys IT team was still assessing scope and working on remediation, and no threat group had publicly claimed responsibility at the time.
International Game Technology PLC (IGT)
November 20, 2025
•[ ransomware, data leak ]
Ransomware-as-a-service group Qilin added gambling-technology giant IGT to its data leak site and claims to have stolen about 10GB of data, roughly 21,600 files, from the companys systems; the archive is labeled as already published on the dark web, but no file samples or detailed data contents were shared publicly at the time of reporting, and IGT has not confirmed or denied the incident, so this entry treats the event as a threat-actor-claimed data-theft attack with the nature of the exposed information still undetermined.
