Moldova Central Electoral Commission / election infrastructure
September 27, 2025
•[ DDoS, election interference, cyberattack ]
During Moldovas 2025 parliamentary election, distributed denial-of-service (DDoS) attacks targeted the Central Electoral Commissions public websites, briefly disrupting access for several hours with peaks around 400 Gbps. Officials accused Russian-aligned actors of interference, but attribution remains unconfirmed. Voting systems were unaffected.
Russia’s System for Fast Payments (SBP)
September 24, 2025
•[ DDoS, cyberattack, financial disruption ]
Ukraines Defense Intelligence Directorate (GUR) conducted a large-scale distributed denial-of-service (DDoS) operation on September 24, 2025, targeting Russias System for Fast Payments (SBP). The attack caused a full nationwide disruption of online payment services for several hours, halting financial transfers and transaction processing across Russian banks. TransTeleComs supporting network infrastructure was also temporarily overloaded during the event.
Bureau of the Treasury (BTr)
September 21, 2025
•[ cyberattack, government ]
DICT/CICC reported a coordinated wave of cyberattacks on government websites amid Sept 21 rallies.
Movement “Ãâ€Ã‘€ÑƒÃ³aѠãúрðøýðâ€Â
September 9, 2025
•[ DDoS attack, website unavailability, cyberattack ]
DDoS attack against the Other Ukraine movements website limited access; technical teams working to restore availability; no attribution or data breach reported.
Orleans Parish Sheriff’s Office
September 4, 2025
•[ ransomware, cyberattack, operational disruption ]
A ransomware cyberattack in early Sept 2025 shut down the Orleans Parish Sheriffs Office AS/400 administrative systems, delaying inmate releases and disrupting operations. Systems were restored after two days with help from local and state cybersecurity agencies, and jail data remained secure.
Polish hydropower plant in Tczew in August 2025
August 19, 2025
•[ hacktivism, industrial control systems, critical infrastructure ]
Russian hacktivists allegedly targeted a hydropower plant in Tczew in August 2025, releasing video evidence that Polish analysts said showed disruption to control systems and turbine operations.
Infoniqa
August 15, 2025
•[ cyberattack, service disruption, IT security incident ]
Heise reported that Infoniqa, a provider of payroll and HR software services, suffered an IT security incident described as a cyberattack that disrupted services. The companys customer communications described technical restrictions and noted that the ONE Start Cloud service was not usable, with operational alternatives offered while investigations continued. Infoniqa stated that technical restrictions were resolved by Tuesday August 12, 2025, but reporting also included claims that at least some customers were unable to use services for more than a week. Infoniqa said external cybersecurity and forensic specialists were analyzing the incident and that it was not yet able to say whether any data was leaked.
Bouygues Telecom
August 4, 2025
•[ cyberattack, data leak, IBAN ]
Bouygues Telecom, Frances third-largest mobile operator, detected a cyberattack on August 4, 2025, which exposed personal and contractual customer data including IBANs for approximately 6.4 million accounts; passwords and payment card details were not compromised.
Jabłonna Lacka Water Treatment Plant
August 1, 2025
•[ industrial control systems, ICS, critical infrastructure ]
Poland's Internal Security Agency reported that attackers breached industrial control systems at multiple water treatment facilities in 2025, including Jabonna Lacka. The attackers gained access to operational systems controlling water treatment processes and in some cases obtained the ability to modify equipment operational parameters, creating a direct risk to operational continuity and public water supply. Public reporting says the August 2025 incident nearly caused a municipality to lose its water supply before authorities intervened. Polish cybersecurity reporting linked several water-facility incidents to a pro-Russian hacktivist group, but no public source identified the specific named perpetrator for the Jabonna Lacka incident.
Louis Vuitton UK (LVMH)
July 31, 2025
•[ cyberattack, data leak ]
HackRead notes a cyberattack affecting Louis Vuitton UK customers, marking the third LVMH incident in three months; details limited.
Undisclosed Canadian electric utility
July 29, 2025
•[ cyberattack, service disruption, critical infrastructure ]
Canadian utility reported a cyberattack that disrupted smart/power meters and required onsite remediation to restore accurate billing and service.
Polish Air Navigation Services Agency (PANSA)
July 25, 2025
•[ cyberattack, sabotage, service disruption ]
Polish authorities opened an investigation into potential sabotage affecting air traffic control systems; disruptions triggered review of cyber causes.
City of Saint Paul, Minnesota
July 25, 2025
•[ cyberattack, government, service disruption ]
A cyberattack on Saint Paul led to widespread service disruptions; Minnesota activated the National Guard to support response and recovery.
Curaçao Tax & Customs Administration
July 24, 2025
•[ ransomware, operational disruption, government ]
Ransomware attack on July 24, 2025 encrypted and paralyzed systems of Curaaos Tax & Customs Administration, disabling counters, phone lines, and internal operations. Online tax filing remained active. Services restored by August 4. No perpetrator identified; no data exfiltration reported.
POST Luxembourg (national telecommunications infrastructure)
July 23, 2025
•[ cyberattack, outage, critical infrastructure ]
Cyberattack targeting Huawei telecommunications equipment caused a nationwide outage of 4G and 5G mobile networks in Luxembourg, disrupting emergency services, internet access, and electronic transactions for several hours.
Netherlands Public Prosecution Service (Openbaar Ministerie)
July 17, 2025
•[ cyberattack, vulnerability exploit, state-sponsored attack ]
Strong indications that Russia was behind a cyberattack exploiting a Citrix vulnerability; the OM took systems offline on July 17 as a response; extent of data access not yet disclosed.
woom GmbH
July 11, 2025
•[ cyberattack, data breach, incident response ]
woom stated that on Friday November 7, 2025 it was affected by a cyberattack in which an internationally operating hacker group gained access to parts of the companys systems despite security measures. woom said it immediately initiated incident response with external experts, contained and processed the incident, and restored systems as quickly as possible. The company said there were indications that some customer information may have been affected, but it reported no sensitive customer data exposure and emphasized ongoing investments in security improvements.
City of Nuremberg
July 7, 2025
•[ cyberattack ]
Local reporting indicates the City of Nuremberg website suffered a cyberattack causing outages; noted as not the first time.
International Criminal Court (ICC)
June 30, 2025
•[ cyberattack, espionage ]
ICC reported a cyberattack detected and contained.Impact and data access undisclosed. This follows a 2023 espionage incident.
Radford City Public Schools
June 10, 2025
•[ cyberattack ]
Cyberattack on Radford City Public Schools in Virginia disrupted portions of the districts internal network on June 10, 2025; systems taken offline for investigation; no ransomware encryption or data theft reported.
