Wexford County Register of Deeds
November 5, 2024
•[ cyberattack, data loss, government ]
The Wexford County, Michigan, Register of Deeds office experienced a cyber incident on 2024-11-05. Access was shut off, systems went offline, and a small portion of documents (less than 5%) from a defined time period were not recoverable.
Alaska Division of Retirement and Benefits
November 4, 2024
•[ hack, financial, government ]
The Alaska Division of Retirement and Benefits is hacked and State residents who work in the public sector, have employer contributions to their retirement accounts impacted
At least one undisclosed government and/or tech company
November 4, 2024
•[ state-sponsored, malware, backdoor ]
Government cybersecurity reporting described PRC state-sponsored actors using BRICKSTORM malware to maintain long-term persistence in victim environments, primarily affecting government services/facilities and IT sector organizations. In a documented case, actors accessed a DMZ web server (with a web shell present), moved laterally using service account credentials, copied Active Directory databases, pivoted into VMware vCenter, accessed domain controllers and an ADFS server, and exported cryptographic keys. BRICKSTORM provided stealthy backdoor access for command-and-control and remote operations and was used for persistence from at least April 2024 through at least September 3, 2025. The specific victim organization name was not disclosed in the reporting.
Washington State Administrative Office of the Courts (AOC)
November 3, 2024
•[ hack, government ]
Court systems across Washington are down after officials said "unauthorized activity" was detected on their networks.
Housing Authority of the City of Los Angeles
November 1, 2024
•[ ransomware, malware, government ]
The Housing Authority of the City of Los Angeles (HACLA), one of the largest public housing authorities in the United States, confirms that a cyberattack hit its IT network after recent breach claims from the Cactus ransomware gang.
Mongolian Ministry of Defense
November 1, 2024
•[ espionage, malware, government ]
Researchers at Recorded Future observe the Chinese state-sponsored group RedDelta targeting Mongolia, Taiwan, Myanmar, Vietnam, and Cambodia with an adapted infection chain to distribute its customized PlugX backdoor.
Bucharest City Hall
October 31, 2024
•[ ransomware, malware, government ]
The data of approximately 200,000 citizens of the administrative unit Sector 5 of the city of Bucharest are put up for sale after the City Hall suffers a RansomHub ransomware attack at the end of October.
City of Sheboygan
October 31, 2024
•[ ransomware, government ]
Threat actors demand a ransom from officials in the city of Sheboygan, after launching an attack that caused network issues.
Tver Administration's Network
October 29, 2024
•[ hack, malware, government ]
A group with the moniker of Ukrainian Cyber Alliance claims to have taken down the Tver administration's network and to have wiped out dozens of virtual machines, backup storage, websites, email, and hundreds of workstations.
San Joaquin County Superior Court
October 28, 2024
•[ hack, government ]
The San Joaquin County Superior Court says that nearly all of its digital services are knocked offline due to a cyberattack.
Sensitive government and police databases in Italy
October 25, 2024
•[ hack, espionage, government ]
Four people are arrested in Italy after a business intelligence company called Equalize is accused of hacking sensitive government and police databases to create dossiers for its clients.
U.S. Government
October 24, 2024
•[ financial, government ]
A threat actor appears to have stolen approximately $20 million in stablecoins and ETH from wallets belonging to the U.S. Government.
City of Coppell
October 23, 2024
•[ ransomware, malware, government ]
The RansomHub operation takes credit for a damaging attack on the city of Coppell, Texas.
Cyprus’ critical infrastructure and government websites
October 18, 2024
•[ hack, government ]
Cyprus critical infrastructure and government websites are targeted in a series of coordinated cyberattacks claimed by several pro-Palestine hacker groups.
Moldova’s parliamentary email servers
October 17, 2024
•[ cyberattack, email security, election interference ]
Moldovas parliamentary email servers are hit by a cyberattack just ahead of the countrys presidential election and a referendum on joining the European Union.
Westmoreland County
October 16, 2024
•[ social, phishing, government ]
Municipal Authority of Westmoreland County officials say the water and sewer utility has recovered more than $826,000 that was stolen in what it called a vendor impersonator scheme.
Japan's ruling Liberal Democratic Party (LDP)
October 15, 2024
•[ hack, ddos, government ]
Japan's ruling Liberal Democratic Party (LDP) reports that a cyberattack temporarily disrupted its website, coinciding with the start of the countrys general election campaign.
Government sites and nuclear facilities in Iran
October 12, 2024
•[ hack, ddos, government ]
Government sites and nuclear facilities in Iran are hit by disruptive cyberattacks.
Russian general jurisdiction courts
October 11, 2024
•[ hack, ddos, government ]
The websites of Russian general jurisdiction courts are down for several days following a cyberattack claimed by pro-Ukrainian hackers from BO Team.
Uttarakhand State Data Center
October 7, 2024
•[ ransomware, malware, government ]
India's state of Uttarakhand is hit with a ransomware attack, targeting the Uttarakhand State Data Center.
