Full List

Search

Recent Breaches

• Fogos.pt (wildfire mapping platform) July 31, 2025 • [ ddos, technology ] On July 31, 2025, fogos.pt, a Portuguese volunteer-run wildfire information platform, was hit by the first of two DDoS waves, peaking at 33k requests/sec and 1.7 Gbps for 7 minutes. A second wave followed on August 1 at 31k rps / 849 Mbps for 5 minutes. Both attacks were automatically mitigated by Cloudflares Project Galileo, and the site remained available throughout, with no data loss or outages.
• Undisclosed Russian pharmacy chains July 31, 2025 • [ ransomware ] The Record reports multiple Russian pharmacies were shut down due to a cyberattack disrupting operations and payment/services.
• Thailand Ministry of Labour July 31, 2025 • [ hacking, disruption of service ] Thai officials said the Ministry of Labour website was hacked and later restored; the attack disrupted access to public services.
• Delfingen Industry July 31, 2025 • [ cybersecurity incident ] Company notice references a cybersecurity incident affecting IT systems; details limited pending investigation.
• Singapore traffic enforcement (dataset of offenders) July 31, 2025 • [ data leak, government ] AsiaOne reports that 1,300 names and addresses of traffic offenders were published online; police are investigating.
• Mailchimp July 31, 2025 • [ ransomware, data leak ] Everest ransomware group claimed a small breach of Mailchimp systems, sharing limited details; no disruption reported.
• Louis Vuitton UK (LVMH) July 31, 2025 • [ cyberattack, data leak ] HackRead notes a cyberattack affecting Louis Vuitton UK customers, marking the third LVMH incident in three months; details limited.
• Undisclosed European ministry July 31, 2025 • [ malware, apt, intelligence collection ] HackRead reports DoNot APT deployed LOPTiKMod malware against a European ministry to collect intelligence; attribution aligns with prior DoNot operations.
• Herbapol Lublin S.A. July 31, 2025 • [ ransomware ] Polish trade press reports cyberattack on Herbapol Lublin with a ransom demand; operational interruptions mentioned.
• AirNet ISP (Saint Petersburg) July 31, 2025 • [ malicious activity, outage ] ixbt.com reports provider AirNet in St. Petersburg suffered a citywide outage linked to malicious activity.
• Czech Police, Interior Ministry, and other government offices July 31, 2025 • [ government, hacktivism ] iRozhlas reports hackers attacked Czech police and government websites in retaliation for cooperation in Ukraine-related operations.
• Pi-hole July 30, 2025 In July 2025, a vulnerability in the GiveWP WordPress plugin exposed the names and email addresses of approximately 30k donors to the Pi-hole network-wide ad blocking project. Pi-hole subsequently self-submitted the list of impacted donors to HIBP.
• AirNet (St. Petersburg ISP) July 30, 2025 • [ ddos, technology ] DDoS attack attributed to IT Army of Ukraine caused an outage across AirNets entire network in St. Petersburg; Roskomnadzor and GlobalNet assisted in mitigation.
• Town of Bar Harbor, Maine July 30, 2025 • [ social, phishing, government ] Bar Harbor discovered on July 30, 2025 that four municipal email accounts were compromised and used to send phishing messages. Town offices were closed July 31Aug 1 while systems were secured. CrowdStrike and FBI confirmed no ransomware, encryption, malware, financial theft, or data exfiltration.
• Orange Belgium S.A. July 30, 2025 • [ hack, technology ] On July 30, 2025, Orange Belgium S.A. suffered a cyberattack that compromised data from approximately 850,000 customers. Exposed information included names, phone numbers, SIM card and PUK codes, and tariff plan details. Passwords, email addresses, and financial information were not affected. The incident was disclosed publicly on August 20, 2025, and is separate from other Orange Group cyber incidents.
• GMX (decentralized exchange) July 30, 2025 • [ theft, vulnerability ] The Record reports theft from the GMX exchange with attackers stealing cryptocurrency through an exploit path still under investigation.
• Foreign embassies in Moscow July 30, 2025 • [ cyber espionage ] MarketScreener cites Microsoft: Russias FSB targeted foreign embassies in Moscow in a cyber espionage campaign.
• Sabo (global fashion label) July 30, 2025 • [ data leak ] Hackread reports global fashion label Sabo suffered a data breach exposing customer records online.
• Toys “R” Us Canada July 30, 2025 • [ data leak, phishing ] Company confirmed a threat actor copied records from its customer database and later leaked them on the dark web; investigation verified the datas authenticity and regulators were notified. No payment credentials were exposed; customers warned about phishing.
• Undisclosed financial institutions (ATM network) July 30, 2025 • [ backdoor, financial theft, atm hacking ] Infosecurity reports cybercriminals used Raspberry Pi devices to install a backdoor in ATM networks to steal funds.