Operation Endgame 4.0
June 18, 2026
•[ malware, hack, technology ]
On 18 June 2026, the latest phase of Operation Endgame targeted the SocGholish malware operation, a prolific malware distribution network used to compromise systems and facilitate further cybercrime. Coordinated by international law enforcement agencies with support from Europol and Eurojust, the operation remediated almost 15,000 compromised websites and disrupted more than 100 servers and domains used to distribute malware. Authorities also provided HIBP with 154k impacted email addresses and more than half a million previously unseen passwords.
Chelan County Government
May 24, 2026
•[ malware, cyberattack, network shutdown ]
Chelan County, Washington reported that malware was detected on county government systems around 10 a.m. on May 24, 2026, affecting all county departments. As a precaution, the county voluntarily shut down network access, computers, and telephone systems across departments while IT staff worked with security partners to restore systems; 911 and emergency services remained available. Public reporting did not identify the threat actor, confirm ransomware, report data theft, or confirm whether any personal data was compromised.
Murray County Government
May 13, 2026
•[ cyberattack, government, service disruption ]
Murray County, Georgia reported that a cyberattack hit the county government network, forcing several county offices to limit services or close until network systems were restored. The Tax Commissioner, Tax Assessor, Probate Court, and Juvenile Court offices were closed, while other county offices remained open with limited functionality; 911, public safety, and primary voting continued. Public reporting did not identify a threat actor, confirm ransomware or encryption, specify the technical mechanism, report data theft, or provide a final restoration date.
Government of Guam
May 2, 2026
•[ zero-day vulnerability, cyber incident response, website disruption ]
The Government of Guam activated its cyber incident response on May 2, 2026 after hackers exploited a critical zero-day vulnerability affecting globally used cPanel-hosted websites. Multiple GovGuam websites were disrupted, prompting a government-wide assessment and response. Officials said emergency services remained unaffected; public reporting did not identify the actor, confirm data theft, or quantify the disruption duration.
Administration of Kursk region
April 20, 2026
•[ DDoS attack, government, service disruption ]
On April 20, 2026, Kursk regional authorities reported a DDoS attack against regional administration servers that made the live broadcast of a government session unavailable. Officials said the session recording would be published later on official governor and regional government resources, and corroborating reporting said the attack was localized the same day.
Nigeria's Corporate Affairs Commission (CAC)
April 15, 2026
•[ unauthorized access, data exfiltration, data breach ]
Nigeria's Corporate Affairs Commission confirmed unauthorized access to limited aspects of its information systems; ByteToBreach claimed it exfiltrated about 25 million documents, roughly 750 GB, from CAC infrastructure, but CAC did not confirm the volume or identify the perpetrator.
Winona County
April 6, 2026
•[ ransomware, data leak, government ]
Winona County, Minnesota experienced a ransomware attack that began April 6, 2026 and was discovered April 7. Officials took affected systems offline, declared a local emergency, requested Minnesota National Guard assistance, and notified the FBI. Later reporting confirmed cybercriminals released information taken from the county network; emergency services and 911 remained operational, while vital statistics and DMV systems were among those impacted.
Former Mossad Chief Tamir Pardo
March 25, 2026
•[ data leak, espionage, email breach ]
Handala published material from the personal Gmail account of former Mossad chief Tamir Pardo, and later reporting said the leak included business correspondence and a draft letter addressed to a CIA chief.
Hong Kong Correctional Services Department
March 24, 2026
•[ unauthorized access, data breach, personal data leak ]
Hong Kong's Correctional Services Department said a hacker illegally accessed its internal Knowledge Management System on March 24, 2026 and then accessed another system containing personal data of about 6,800 current and former staff.
Police Nationale (France) training platform users
March 17, 2026
•[ data breach, hacking, government ]
01net reported that data relating to French police personnel was stolen after the e-campus training platform was hacked.
City of Minot Water Treatment Plant
March 14, 2026
•[ ransomware, critical infrastructure, utilities ]
Minot, North Dakota officials confirmed a ransomware event impacted a server at the city's water treatment plant on March 14, 2026. The city said the water treatment plant and broader water system remained operational and safe, with no interruption to water service reported.
Passaic County
March 4, 2026
•[ malware, cyberattack, availability disruption ]
Passaic County, New Jersey reported a malware attack that disrupted county IT systems and took down phone lines used across government offices. The county first announced the phone outage the morning of March 4 and later confirmed the same day that the outage was caused by a cyberattack. Officials said they were working with federal and state partners to investigate and contain the issue and would provide updates once resolved. No data theft, ransomware demand, or impacted record counts were disclosed in the public statement; the confirmed primary effect is availability disruption affecting communications and IT services.
170 Ukrainian prosecutors and investigators
March 1, 2026
•[ espionage, email compromise, state-sponsored ]
Russia-linked hackers compromised Ukrainian prosecutors' and investigators' email accounts as part of a broader email-espionage campaign involving at least 284 inboxes.
Mexico City Civil Registry
February 26, 2026
•[ data leak, unauthorized access, exfiltration ]
Attackers gained unauthorized access to Mexican government civil registry databases and exfiltrated sensitive records. Stolen data reportedly includes birth certificate information and national identification numbers from Mexico City's civil registry.
Mexico Tax Authority
February 26, 2026
•[ data leak, unauthorized access, government ]
Attackers accessed Mexican tax authority systems and exfiltrated taxpayer information. The compromised data reportedly includes tax records and taxpayer identification details.
Centre for Information Technologies of the State (CTIE)
February 26, 2026
•[ malware, data leak, government ]
CTIE detected malware on a system used to manage government mobile-device access and later said an external actor accessed device-holder information and device characteristics. The temporary loss of mobile access to internal state services resulted from CTIE isolating the affected system as a precaution.
Senegal's Directorate of File Automation (DAF)
February 3, 2026
•[ ransomware, cyberattack, operational disruption ]
The Record reported that Senegal confirmed a cybersecurity incident affecting its Directorate of File Automation (DAF), an office managing sensitive identity information such as national ID cards, passports, and other biometric data. DAF issued a public notice warning residents that the cyberattack forced the temporary suspension of the office's operations. The article noted the breach became public after ransomware claims, but it did not confirm in the government notice that biometric or identity records were exfiltrated; the confirmed primary effect in the report is operational disruption via suspension/closure of the office's services.
Valtori (Finnish Government ICT Centre) mobile device management service
January 30, 2026
•[ data breach, mobile device management, zero-day vulnerability ]
Valtori reported a data breach identified on January 30, 2026 in the mobile device management service it provides to Finland's government shared ICT services. Valtori said the attacker accessed information used to operate the service, including names, work email addresses, phone numbers, and device details, and that investigation later found the scope could involve a substantially larger number of users (about 50,000). Valtori stated no data stored directly on mobile devices was compromised. The root cause was described as exploitation of a zero-day vulnerability in a commercial mobile management product, compounded by the system's failure to permanently delete historical data.
Armenian Government
January 13, 2026
•[ data leak, cybercrime, alleged breach ]
Reporting stated that a forum user using the alias dk0m offered for sale what was described as a large dataset of Armenian government-related data, allegedly obtained by accessing a government notification system used to distribute official communications (legal and administrative notices). The seller advertised the dataset for $2,500 and claimed it contained about 8 million records related to official notifications, including communications involving police and judicial bodies. Armenian officials opened an investigation, while a government-linked communications body publicly denied that government email infrastructure was breached and suggested any access may have involved another state platform. Because the incident is described as an allegation under investigation without independent confirmation of access or data theft, it is recorded as an alleged event rather than a confirmed cyberattack.
Cuban Embassy in Washington D.C.
January 1, 2026
•[ cyberespionage, data exfiltration, email breach ]
China-linked hackers exploited long-unpatched Microsoft Exchange vulnerabilities on the email servers of the Cuban Embassy in Washington D.C. beginning in January 2026, accessing and exfiltrating the full inboxes of 68 diplomatic officials, including the ambassador and deputy chief of mission.