Peter Green Chilled
May 20, 2025
•[ ransomware ]
Transport supplier to major UK supermarkets (Tesco, Aldi, Sainsburys) reported a cyberattack accompanied by a ransom demand. While no gang was named and encryption wasnt explicitly confirmed, the described impact and BBC-seen ransom note indicate an encryption-driven incident; the firm issued frequent client updates and enacted delivery workarounds to mitigate waste.
SBIS corporate accounting service
May 20, 2025
•[ ddos, service disruption ]
BFM reported a mass foreign DDoS on SBIS on May 20 causing widespread service issues across websites and mobile apps before mitigation.
Bradford Health Services
May 20, 2025
•[ data leak ]
Provider disclosed a data security incident; investigation concluded May 15, 2025 that multiple categories of PHI/PII may have been affected; notices and credit monitoring offered.
Arla Foods
May 19, 2025
•[ cyberattack ]
Arla confirmed a cyberattack that disrupted production and caused delivery delays while affected systems were isolated and restored.
Morgan County 911
May 19, 2025
•[ ransomware ]
Morgan County 911 reported a cyber issue affecting administrative systems; core dispatch, CAD, and radio services were not impacted while security measures were increased.
Fasana GmbH
May 19, 2025
•[ ransomware ]
German napkin manufacturer Fasana GmbH suffered a ransomware attack beginning May 19, 2025. All internal systems, including printers and servers, were encrypted, halting production and order processing. The company reported losses of around 2 million within two weeks and subsequently filed for insolvency. No group has claimed responsibility, and no data leak has been confirmed.
Union County (Ohio) government / county systems
May 18, 2025
•[ ransomware, malware, government ]
A ransomware attack on Union County, Ohios public administration systems led to both encryption and data exfiltration. Data was stolen from internal government databases containing personal, financial, and biometric records of 45,487 individuals. Approximately 12 systems were encrypted, causing partial disruption for several days. No ransomware group has claimed responsibility.
MathWorks
May 18, 2025
•[ ransomware ]
MathWorks confirmed a ransomware attack starting May 18 that disrupted customer-facing services; the firm reported containment, FBI notification, and restoration of services by early June.
Chief Electoral Officer – West Bengal
May 17, 2025
•[ data breach, insider threat, unauthorized access ]
A security breach led to deletion of at least 1,000 voters from the electoral roll in a West Bengal assembly constituency; subsequent reports cited misuse of AERO credentials.
Columbia University IT Systems
May 16, 2025
•[ leak, education ]
An unauthorized actor gained access to university systems on May 16, 2025, and exfiltrated approximately 460GB of sensitive personal, financial, and health data following an IT outage; patient records from the medical center were unaffected; notifications are underway
Effortel
May 16, 2025
•[ data leak ]
Test files with names, DOB, emails, phones, addresses, passport and SIM data for ~70,000 MVNO customers were accessed via a support portal during a database integration test.
Polish ruling party websites
May 16, 2025
•[ hacktivism ]
Reports the ruling partys websites were attacked two days before the presidential election; officials attributed the activity to Russia-aligned actors on Telegram.
Platforma Obywatelska
May 16, 2025
•[ ddos ]
DDoS attack began around 09:00 local time against platforma.org; Polish officials said services were being restored with CERT NASK support.
Lecardo Clinic
May 16, 2025
•[ hacktivism, cyberattack, operational disruption ]
Lecardo Clinic announced a technical failure that led to a three-day shutdown; a pro-Ukraine group claimed a cyberattack. Public reporting indicates multi-day operational disruption, but the exact technique was not disclosed.
Coinbase
May 15, 2025
•[ insider threat, data leak, supply chain ]
Coinbase disclosed a data breach involving bribed third-party support agents; customer data was accessed and losses estimated at $180$400M for remediation and reimbursements.
Pravosudiye
May 15, 2025
•[ hacktivism, data destruction, government ]
Russias national case management/e-filing system was reportedly hacked in Oct 2024, erasing roughly a third of its archive and disrupting court websites and communications for about a month; the operation has been claimed by pro-Ukraine hackers.
Multiple internet services in the Russian Federation
May 15, 2025
•[ ddos ]
Roskomnadzor announced a mass DDoS against several internet services on May 15, 2025, but did not name specific victims or confirm achieved primary effects on a discrete organization; not coded as a cyberattack record per CED unit-of-analysis rules.
Swish
May 15, 2025
•[ ddos, service disruption ]
Swedens Swish payment service experienced a DDoS on the evening of May 15, causing widespread payment problems for under an hour before normal operations resumed; no intrusion or data compromise reported.
Cartier
May 15, 2025
•[ data leak ]
Cartier disclosed that an unauthorized party gained temporary access to its systems in mid-May 2025 and obtained limited client information (names, email addresses, countries). No financial data, passwords, or banking information were compromised.
Kurdish Government and Media Institutions
May 15, 2025
•[ cyber-espionage, phishing, data leak ]
Iran-linked threat actor MuddyWater (MOIS) conducted cyber-espionage operations against Kurdish government and media infrastructure in Iraq during MayJune 2025 using phishing and web-shells to steal credentials and internal documents; reported Jun 25 2025.
