Effortel
May 16, 2025
•[ data leak ]
Test files with names, DOB, emails, phones, addresses, passport and SIM data for ~70,000 MVNO customers were accessed via a support portal during a database integration test.
Polish ruling party websites
May 16, 2025
•[ hacktivism ]
Reports the ruling partys websites were attacked two days before the presidential election; officials attributed the activity to Russia-aligned actors on Telegram.
Platforma Obywatelska
May 16, 2025
•[ ddos ]
DDoS attack began around 09:00 local time against platforma.org; Polish officials said services were being restored with CERT NASK support.
Lecardo Clinic
May 16, 2025
•[ hacktivism, cyberattack, operational disruption ]
Lecardo Clinic announced a technical failure that led to a three-day shutdown; a pro-Ukraine group claimed a cyberattack. Public reporting indicates multi-day operational disruption, but the exact technique was not disclosed.
Coinbase
May 15, 2025
•[ insider threat, data leak, supply chain ]
Coinbase disclosed a data breach involving bribed third-party support agents; customer data was accessed and losses estimated at $180$400M for remediation and reimbursements.
Pravosudiye
May 15, 2025
•[ hacktivism, data destruction, government ]
Russias national case management/e-filing system was reportedly hacked in Oct 2024, erasing roughly a third of its archive and disrupting court websites and communications for about a month; the operation has been claimed by pro-Ukraine hackers.
Multiple internet services in the Russian Federation
May 15, 2025
•[ ddos ]
Roskomnadzor announced a mass DDoS against several internet services on May 15, 2025, but did not name specific victims or confirm achieved primary effects on a discrete organization; not coded as a cyberattack record per CED unit-of-analysis rules.
Swish
May 15, 2025
•[ ddos, service disruption ]
Swedens Swish payment service experienced a DDoS on the evening of May 15, causing widespread payment problems for under an hour before normal operations resumed; no intrusion or data compromise reported.
Cartier
May 15, 2025
•[ data leak ]
Cartier disclosed that an unauthorized party gained temporary access to its systems in mid-May 2025 and obtained limited client information (names, email addresses, countries). No financial data, passwords, or banking information were compromised.
Kurdish Government and Media Institutions
May 15, 2025
•[ cyber-espionage, phishing, data leak ]
Iran-linked threat actor MuddyWater (MOIS) conducted cyber-espionage operations against Kurdish government and media infrastructure in Iraq during MayJune 2025 using phishing and web-shells to steal credentials and internal documents; reported Jun 25 2025.
Doctors Hospital at Renaissance, Ltd. (DHR Health)
May 15, 2025
•[ data leak, healthcare ]
Doctors Hospital at Renaissance (DHR Health) notified the U.S. Department of Health & Human Services that it had experienced a data breach impacting sensitive personal and protected health information. An unauthorized party accessed systems storing patient records, potentially exposing names, Social Security numbers, clinical details, and insurance data for an undisclosed number of individuals. The hospital has since notified the Texas Attorney General and begun mailing breach letters, while law firm investigators explore potential compensation claims for patients whose information may be at heightened risk of identity theft and medical fraud.
PDI Health
May 14, 2025
•[ ransomware, leak, malware ]
On May 14, 2025, PDI Health discovered a cyberattack when the Everest ransomware group infiltrated its internal systems and exfiltrated sensitive patient records. The group leaked samples and claimed responsibility on the dark web, revealing more than 373,000 records stolen. No evidence of encryption or service disruption was confirmed.
Kurdish forces
May 14, 2025
•[ espionage, vulnerability, zero-day ]
Turkey-linked espionage operators exploited a zero-day in Output Messenger to surveil Iraq-based Kurdish forces, collecting communications and device data; Microsoft attributed the activity to a Turkey-aligned group focused on intelligence collection.
Weis Markets
May 14, 2025
•[ payment card theft, data leak ]
Weis Markets completed its investigation and reported skimmers at multiple locations capable of capturing payment card track and PIN data; notices published to customers.
Cellcom
May 14, 2025
•[ cyberattack, service outage ]
Cellcom confirmed a cyberattack caused widespread service outages impacting voice and SMS for customers in Wisconsin and Upper Michigan.
Nucor Corporation
May 14, 2025
•[ cybersecurity incident, operational disruption ]
Nucor reported a cybersecurity incident and took parts of its network offline as containment, causing operational disruptions and delays.
House of Dior
May 14, 2025
•[ data leak ]
Dior disclosed that an external party accessed a customer database in May; later breach notices warned affected customers about exposed personal data.
Central Point School District 6
May 14, 2025
•[ data breach, unauthorized access ]
The Oregon district reported unauthorized access to its digital systems on May 14 and isolated affected systems while law enforcement and external experts investigated. No confirmed data types or quantities were disclosed at the time of reporting.
State of Alabama
May 13, 2025
•[ service disruption, government ]
Alabama announced a cybersecurity event and warned of possible website or service disruptions. Subsequent updates indicated limited impact with no specific primary effect confirmed.
CCTV Pelintas, City of Pematangsiantar
May 13, 2025
•[ website defacement ]
City communications said a cyberattack began at 14:42 WIB on May 13, redirecting the public CCTV site to a gambling page; mitigation completed the same day with services restored after SSL propagation.
