Beta – Dnevni evropski servis (DES)
August 7, 2025
•[ ransomware, malware, technology ]
Ransomware attack encrypted systems of Betas specialized European news service (DES), rendering its portal inaccessible. No data exfiltration was reported. Attackers demanded ransom in cryptocurrency; the incident occurred and was disclosed on August 7, 2025.
Valparaiso University
August 7, 2025
•[ data leak ]
Class-action followed disclosure that files were copied/downloaded Aug 78; notice cites PII potentially impacted
OB-GYN Associates, Nevada
August 7, 2025
•[ ransomware, data leak ]
OB-GYN Associates in Reno, Nevada identified suspicious activity in its IT environment on or around August 7, 2025 and brought in third-party experts, who confirmed that a hacker had accessed areas of the network where patient records were stored; a review completed September 29 showed that names, Social Security numbers, drivers license numbers and medical information for about 62,238 individuals had been exposed, and the Inc Ransom ransomware group later claimed responsibility for the attack, prompting the clinic to harden policies and offer credit monitoring to affected patients.
Spartanburg County
August 6, 2025
•[ ransomware, government ]
Cyberattack led to disabling of certain online services, including County network connections; emergency services like 911 remained operational; third ransomware event in recent years
1000ua.ru (Russian POW portal)
August 6, 2025
•[ hack, ddos, government ]
On August 6, 2025, immediately after launch, the Russian website 1000ua.ru which published portraits of 1,000 Ukrainian POWs was hit with a DDoS attack. RT attributed the traffic to Ukraine, but no specific group has been identified. The attack caused partial disruption but no data theft or encryption.
Pakistan Petroleum Limited (PPL)
August 6, 2025
•[ ransomware, leak, malware ]
PPLs servers and backups were encrypted and disabled by Blue Locker ransomware; IT and financial operations were disrupted for days; a ransom note threatened data leaks; NCERT issued high alert advisory to national institutions
City of Greenville (TX)
August 5, 2025
•[ ransomware, malware, government ]
Hackers deployed ransomware targeting Greenvilles server infrastructure, affecting city services and utility billing in Hunt County; emergency 911 was unaffected, and no personal data breach has been reported.
Bouygues Telecom
August 4, 2025
•[ hack, technology ]
Bouygues Telecom, Frances third-largest mobile operator, detected a cyberattack on August 4, 2025, which exposed personal and contractual customer data including IBANs for approximately 6.4 million accounts; passwords and payment card details were not compromised.
Public Broadcasting Service (PBS)
August 4, 2025
•[ leak, technology ]
BleedingComputer confirmed a file posted on Discord with JSON records of 3,997 PBS employees and affiliates came from PBSs MyPBS.org internal service, and PBS confirmed the datas authenticity
Bouygues Telecom
August 4, 2025
•[ hack, technology ]
In August 2025, the French telecommunications company Bouygues Telecom detected a cyber attack against their services. The incident resulted in a data breach that exposed almost 6.4M customer records, including 5.7M unique email addresses. The breach also exposed names, physical addresses, phone numbers, dates of birth and IBANs (International Bank Account Numbers). Bouygues Telecom advised that all affected customers had been notified about the incident.
Prospect Medical Holdings
August 4, 2025
•[ ransomware, healthcare ]
Prospect Medical Holdings, a chain that owns hospitals as well as more than 165 outpatient facilities, said ransomware hackers had breached its system. Sixteen hospitals and more than a hundred other medical facilities across the United States are offline after the largest cyberattack on a U.S. hospital system since last year. Prospect Medical Holdings, a []
Sevastopol main internet provider (Miranda Media)
August 2, 2025
•[ hack, ddos, technology ]
On August 2, 2025, Sevastopols main internet provider Miranda Media came under a large-scale DDoS attack, causing widespread disruption of mobile and fixed-line connectivity across the city. Services were intermittently unavailable for several days. Officials acknowledged the disruption on August 4, 2025. No group has claimed responsibility.
99 Cents Only
August 1, 2025
•[ ransomware, retail ]
INC Ransom claims to have breached Dollar Tree
Undisclosed Bank in Asia-Pacific Region
August 1, 2025
•[ financial, malware, finance ]
A financially-motivated crew physically snuck a 4G-equipped Raspberry Pi into an Asia-Pacific banks network, plugging it into the ATM network switch to get remote access past perimeter defenses. Their goal was to reach the ATM switching server and deploy a custom CAKETAP rootkit to approve fraudulent ATM withdrawals; responders interrupted the operation before cash-out
National prison management platform of the National Penitentiary Administration (ANP)
August 1, 2025
•[ insider threat, financial fraud, unauthorized access ]
A prisoner in the Dej hospital prison hacked tablet/kiosk systems used to access the national inmate-services portal, manipulating requests and financial accounts tied to commissary and sentence-credit workflows. Activity persisted for weeks across multiple institutions before detection; the union and national media detail platform misuse and credential abuse rather than broad IT outages.
Qilin ransomware group
July 31, 2025
•[ ransomware, hack, leak ]
Compromise of Qilins affiliate panel by rival actors enabled access to internal systems and stolen victim files.
Foreign embassies in Moscow (multiple missions)
July 31, 2025
•[ espionage, malware, government ]
FSB-linked APT Secret Blizzard (Turla) used ISP-level access in Russia to deliver espionage malware against multiple foreign embassies in Moscow; campaign disclosed by Microsoft. Data stolen likely includes diplomatic emails/credentials; exact volume not reported.
Acea
July 31, 2025
•[ ransomware, malware, energy ]
Italian utility company Acea suffered another ransomware attack, this time claimed by World Leaks. Systems were encrypted, disrupting operations, though the exact duration and number of affected customers were not disclosed.
Ministry of iTaukei Affairs
July 31, 2025
•[ hack, government ]
The Ministry of iTaukei Affairs official Facebook page was hacked again after an April 2025 incident.
Institute Ruđer Bošković (administrative/professional services IT)
July 31, 2025
•[ ransomware, education ]
IRB was hit by a ransomware attack on July 31, 2025 via Microsoft SharePoint ToolShell vulnerabilities; administrative/professional services systems were encrypted. IRB refused to pay, isolated affected segments, and restored from backups by Aug 8; later updates confirmed full service restoration and no evidence of data exfiltration.
