Autorità Portuale del Mar Ligure Occidentale and Regione Liguria
September 23, 2025
•[ hack, ddos, government ]
On September 23, 2025, the pro-Russian hacktivist group Noname057 launched a distributed denial-of-service (DDoS) attack targeting the websites of Ligurias regional government and the Port Authority of the Western Ligurian Sea. The attack caused only partial service degradation and web slowdowns before being mitigated by Liguria Digitale and Italys cybersecurity agency. No data theft was reported.
Office of the Deputy Chief Minister of Maharashtra
September 21, 2025
•[ hack, government ]
Maharashtra Deputy Chief Minister Eknak Shinde's ex-account was recently hacked during the high-voltage India-Pakistan-Asia Cup match. Hackers posted images of Pakistan and Turkey flags, sparking concern. However, thanks to the swift action of Shinde's social media team, the account was restored within 30-45 minutes and no sensitive data was compromised. The cybercrime police were immediately alerted and investigation is underway to determine the cause of the breach. This incident highlights the...
Bureau of the Treasury (BTr)
September 21, 2025
•[ cyberattack, government ]
DICT/CICC reported a coordinated wave of cyberattacks on government websites amid Sept 21 rallies.
Crimean Occupation Authorities / Government of Crimea
September 20, 2025
•[ hack, leak, government ]
Ukraines Defense Intelligence Directorate (GUR) announced it breached servers of the Russian-installed authorities in occupied Crimea, exfiltrating over 100 TB of official records. No encryption or service disruption reported.
SSC-ICT (serving several Dutch government agencies)
September 15, 2025
•[ hack, ddos, government ]
A sustained DDoS campaign targeted SSC-ICT systems, degrading VPN and internal site access for ~57k Dutch civil servants; ministries advised staff to work in office; Interior Ministry confirmed attacks, impact assessed as limited; no attribution.
Central Election Commission (CEC) of Russia
September 14, 2025
•[ hack, ddos, government ]
Regulator reported 99 DDoS attacks on CEC/Moscow IT/online voting portal on Sept. 14 (3h40m total), but CEC said voting and systems operated normally.
Central Election Commission of the Russian Federation
September 14, 2025
•[ hack, ddos, government ]
HUR/GUR executed DDoS against Russias election infrastructure to hinder online voting; Russia confirmed sustained attacks causing intermittent outages/slowdowns, router reboots, and later restoration; CEC tallied 500k+ attack events.
Ministry of Economy and Finance of Panama
September 11, 2025
•[ ransomware, malware, government ]
MEF reported a malware incident on one workstation and containment with no impact to core platforms; INC Ransom simultaneously claimed an intrusion and >1.5 TB data theft with proof-of-hack samples. Extent of breach remains unconfirmed.
Campaign of Denis Pasler
September 10, 2025
•[ hack, ddos, government ]
United Russia said a DDoS knocked the Pasler campaign site offline late Sept 10; local media confirmed downtime overnight/morning. Residents also received mass SMS urging votes for Pasler, which the party disowned; observers advised not to follow suspicious links. No data theft
Orleans Parish Sheriff’s Office
September 4, 2025
•[ ransomware, government ]
A ransomware cyberattack in early Sept 2025 shut down the Orleans Parish Sheriffs Office AS/400 administrative systems, delaying inmate releases and disrupting operations. Systems were restored after two days with help from local and state cybersecurity agencies, and jail data remained secure.
Indonesian National Police Mobile Brigade Corps
September 2, 2025
•[ hack, government ]
The site with the address korbrimob.polri.go.id has been inaccessible since Tuesday afternoon, September 2, 2025, at 15.07 WIB.
Ordine dei Giornalisti del Lazio
September 1, 2025
•[ ransomware, malware, government ]
A sophisticated ransomware attack targeted the IT infrastructure and internet access of the Lazio Journalists Order in Rome affecting over 20 000 members. The group DragonForce is suspected and authorities and data protection bodies are involved.
Austrian Ministry of the Interior
September 1, 2025
•[ hack, government ]
A professional cyberattack compromised about 100 government email accounts. IT systems were disconnected; investigations launched. No sensitive citizen or law enforcement data was impacted. Attack vector remains unconfirmed.
At least one undisclosed government entity in the MENA region
September 1, 2025
•[ espionage, malware, government ]
Reporting indicates a sustained espionage wave using updated Phoenix implants against government entities, with goals of persistence and data collection rather than overt disruption; activity aligns with prior MuddyWater TTPs and region-focused intelligence objectives.
Federal Emergency Management Agency (FEMA)
August 29, 2025
•[ hack, insider, misconfiguration ]
DHS revealed on Aug 29, 2025 that a threat actor gained unauthorized access to FEMAs IT systems by exploiting unpatched vulnerabilities, outdated protocols, and lack of multi-factor authentication. No citizen data was stolen or exfiltrated. As a result, 24 FEMA IT employees, including the CIO and CISO, were terminated for negligence in cybersecurity oversight.
West Chester Township
August 26, 2025
•[ leak, government ]
Claimants say ~2 TB of personal information (residents & employees) stolen, email server targeted and isolated; systems taken offline as precaution, critical services (e.g., 911) unaffected; FBI and IC3 engaged.
Maryland Transit Administration (MDOT)
August 26, 2025
•[ ransomware, malware, government ]
Attack by Rhysida ransomware group disrupted Maryland Transit Administrations MobilityLink systems and exfiltrated internal and personal data. Group demanded 30 BTC ransom.
City of Stockholm
August 25, 2025
•[ leak, government ]
Vendor Miljdata was breached, exposing PII (names, personal ID numbers, phone, email, employment IDs) for >40,000 City of Stockholm employees; detected late August; disclosed Sept 9; authorities and Truesec investigating; protected-identity individuals not included
Elche City Council
August 25, 2025
•[ ransomware, malware, government ]
Ransomware attack crippled the Elche City Councils operations, affecting Finance, Social Services, and the Mayor's Office; ~1,500 devices were shut down. Emergency manual protocols were activated. A full recovery plan is underway with 4.5 million allocated.
Nevada State Government (multiple agencies)
August 24, 2025
•[ ransomware, malware, government ]
State described a ransomware-based attack discovered Aug 24 that forced two-day office closures and knocked multiple agency websites/phones offline; CIO confirmed some state data was exfiltrated, but nature/volume unknown; no actor has claimed responsibility.
