Joint Court of Justice (Dutch Caribbean)
July 23, 2025
•[ hack, malware, government ]
A malware infection on July 23, 2025 forced the shutdown of the Joint Court of Justice's entire IT network across six islands. Judicial case management, filings, and email were fully disrupted until restoration began around July 28. No group has claimed responsibility; no data exfiltration confirmed.
POST Luxembourg (national telecommunications infrastructure)
July 23, 2025
•[ cyberattack, outage, critical infrastructure ]
Cyberattack targeting Huawei telecommunications equipment caused a nationwide outage of 4G and 5G mobile networks in Luxembourg, disrupting emergency services, internet access, and electronic transactions for several hours.
Naval Group
July 23, 2025
•[ data leak, extortion ]
Threat actor leaked 1TB of alleged Naval Group data after an extortion attempt. Naval Group says no intrusion confirmed and operations unaffected.
Leading fixed-line operators in Crimea
July 23, 2025
•[ ddos ]
Distributed denial-of-service (DDoS) attack disrupted major fixed-line telecommunications operators across Crimea for several days, causing intermittent outages for subscribers; mitigation measures underway.
AMEOS Group
July 22, 2025
•[ data leak ]
AMEOS disclosed a security incident and took IT systems offline while investigating possible data exposure of patient, employee, and partner data.
UK Ministry of Defence (Special Air Service personnel)
July 21, 2025
•[ data leak ]
Army ordered an immediate review after media reports that identities of at least 20 SAS soldiers were publicly available online; follows earlier MoD ARAP leak revelations.
Schools in Shropshire (11 schools)
July 21, 2025
•[ ransomware ]
Local council committee informed that a ransomware cyberattack impacted 11 schools in Shropshire.
Pandora (jewelry retailer)
July 20, 2025
•[ leak, retail ]
Pandora confirmed that a third-party vendor holding marketing/customer data was compromised, exposing PII of around 30,000 individuals; no passwords, financial, or payment data stolen.
Waveny LifeCare
July 20, 2025
•[ data leak ]
A cyber intrusion in July 2025 exposed resident and patient data from Waveny LifeCare's network; no encryption or quantitative data reported, actor unconfirmed.
Toptal
July 20, 2025
•[ data leak, source code leak, supply chain attack ]
73 repositories made available, exposing private projects and source code. Attackers hijacked Toptal's GitHub organization and published 10 malicious npm packages before takedown. Later updates indicated minimal impact to external users.
National Institutes of Health; National Nuclear Security Administration
July 20, 2025
•[ data leak, vulnerability ]
NIH and the National Nuclear Security Administration were impacted in a global Microsoft SharePoint breach; no classified information reported compromised; scope and severity under investigation.
CoinDCX
July 19, 2025
•[ financial, hack, finance ]
CoinDCX, India's largest crypto exchange, suffered a $44M breach in July 2025 after attackers compromised a backend server connected to a hot wallet. Withdrawals were suspended but later resumed with assurances user funds were safe. Attribution remains undetermined; some analysts suggest Lazarus Group, while Indian police arrested a local engineer tied to suspicious freelance work.
UK Ministry of Defence (ARAP applicants)
July 19, 2025
•[ data leak ]
Article discusses government response to the previous ARAP data breach; thousands at risk; records of 18,714 applicants exposed; coding reflects exposure context.
Neblio Technologies Pvt Ltd
July 19, 2025
•[ insider threat, data leak ]
Company reported approximately Rs 384 crore (~$44M) in cryptocurrency transferred from a company wallet around 2:37 am on July 19 to six accounts; internal probe suggested an employee laptop compromise and potential insider involvement.
U.S. National Nuclear Security Administration (NNSA)
July 18, 2025
•[ data breach, vulnerability, zero-day ]
Breach of NNSA systems through a Microsoft SharePoint zero-day vulnerability. DOE stated a small number of systems were impacted and are being restored. Attack was later linked to Chinese state hacking groups Linen Typhoon and Violet Typhoon.
Mike Graham's Facebook Account
July 18, 2025
•[ account takeover ]
Canopy Healthcare
July 18, 2025
•[ unauthorized access, data breach, data leak ]
DataBreaches summarized RNZ reporting that Canopy Health said it identified on July 18, 2025 that an unknown person temporarily obtained unauthorized access to part of its systems used by its administration team. Canopy said forensic review indicated unauthorized access to one of its servers likely occurred and that some data may have been copied. The provider stated the incident was contained, that an investigation was ongoing, and that it sought and obtained an urgent High Court injunction to prevent use or publication of any information that may have been accessed. The report did not enumerate specific data elements or counts of affected individuals.
Palo Alto Networks (investigator)
July 17, 2025
•[ ransomware, malware, technology ]
Ransomware deployment (4L4MD4R) via exploitation of Microsoft SharePoint ToolShell vulnerabilities; attackers disabled defenses, bypassed certificate validation, and encrypted files; ransom note threatened deletion upon decryption attempts.
Dutch Public Prosecution Service (Openbaar Ministerie)
July 17, 2025
•[ hack, government ]
Systems shut down after discovery of unauthorized access via Citrix.
Survival Flight
July 17, 2025
•[ leak, healthcare ]
Survival Flight discovered a cyber incident on 07/17/2025 impacting IT systems; notice lists likely exposure of patient PHI. DataBreaches reports WorldLeaks claim (~2.8 TB) and previewed data including internal business files plus some patient/member financial/insurance info. Second Survival Flight incident in <1 year.