CPAP Medical Supplies and Services, Inc.
October 8, 2025
•[ data leak, healthcare, government ]
Data breach affecting ~90,000 military members, veterans and families exposed SSNs and medical details.
The Information Technology and Cybersecurity Service (STISC)
October 8, 2025
•[ DDoS, government ]
New DDoS attacks against Moldovan government IT infrastructure; some services temporarily unavailable.
TISZA Világ
October 6, 2025
•[ leak, hack, government ]
In late October 2025, data breached from the Hungarian political party TISZA was published online before being extensively redistributed. Stemming from a compromise of the TISZA Vilg service earlier in the month, the breach exposed 200k records of personal data including email addresses along with names, phone numbers and physical addresses.
Indonesian National Police
October 4, 2025
•[ data leak, government, hacker ]
Hacker Bjorka released a dataset of ~341k police personnel (names, ranks, units, contacts) from 2016 on a public site; authorities acknowledge leak discussions while probing identity of actor.
Colorado State Public Defender’s Office
October 3, 2025
•[ ransomware, encryption, operational disruption ]
Ransomware beginning Oct 3 2025 encrypted servers and shared drives at Colorados State Public Defender Office, rendering thousands of case files inaccessible and delaying operations for weeks. No evidence of data theft or leak has been reported.
Kaufman County
October 1, 2025
•[ data leak, identity theft, government ]
A letter dated Oct 1 states personal data in Kaufman County systems may have been accessed; residents received 24 months of credit monitoring. This disclosure came three weeks before a second October incident, indicating repeated compromise pressure against the countys environment and elevating identity-theft risk even where misuse is not yet observed.
Moldova Central Electoral Commission / election infrastructure
September 27, 2025
•[ hack, ddos, government ]
During Moldovas 2025 parliamentary election, distributed denial-of-service (DDoS) attacks targeted the Central Electoral Commissions public websites, briefly disrupting access for several hours with peaks around 400 Gbps. Officials accused Russian-aligned actors of interference, but attribution remains unconfirmed. Voting systems were unaffected.
Undisclosed Italian Government Department (via Libraesva ESG vulnerability)
September 27, 2025
•[ hack, government ]
Libraesva confirmed that a zero-day vulnerability in its Email Security Gateway (ESG) was exploited beginning September 27 2025 by state-sponsored hackers to access one Italian government departments email system. The company released an emergency patch and reported no encryption or broader impact.
Autorità Portuale del Mar Ligure Occidentale and Regione Liguria
September 23, 2025
•[ hack, ddos, government ]
On September 23, 2025, the pro-Russian hacktivist group Noname057 launched a distributed denial-of-service (DDoS) attack targeting the websites of Ligurias regional government and the Port Authority of the Western Ligurian Sea. The attack caused only partial service degradation and web slowdowns before being mitigated by Liguria Digitale and Italys cybersecurity agency. No data theft was reported.
Office of the Deputy Chief Minister of Maharashtra
September 21, 2025
•[ hack, government ]
Maharashtra Deputy Chief Minister Eknak Shinde's ex-account was recently hacked during the high-voltage India-Pakistan-Asia Cup match. Hackers posted images of Pakistan and Turkey flags, sparking concern. However, thanks to the swift action of Shinde's social media team, the account was restored within 30-45 minutes and no sensitive data was compromised. The cybercrime police were immediately alerted and investigation is underway to determine the cause of the breach. This incident highlights the...
Bureau of the Treasury (BTr)
September 21, 2025
•[ cyberattack, government ]
DICT/CICC reported a coordinated wave of cyberattacks on government websites amid Sept 21 rallies.
Crimean Occupation Authorities / Government of Crimea
September 20, 2025
•[ hack, leak, government ]
Ukraines Defense Intelligence Directorate (GUR) announced it breached servers of the Russian-installed authorities in occupied Crimea, exfiltrating over 100 TB of official records. No encryption or service disruption reported.
SSC-ICT (serving several Dutch government agencies)
September 15, 2025
•[ hack, ddos, government ]
A sustained DDoS campaign targeted SSC-ICT systems, degrading VPN and internal site access for ~57k Dutch civil servants; ministries advised staff to work in office; Interior Ministry confirmed attacks, impact assessed as limited; no attribution.
Central Election Commission (CEC) of Russia
September 14, 2025
•[ hack, ddos, government ]
Regulator reported 99 DDoS attacks on CEC/Moscow IT/online voting portal on Sept. 14 (3h40m total), but CEC said voting and systems operated normally.
Central Election Commission of the Russian Federation
September 14, 2025
•[ hack, ddos, government ]
HUR/GUR executed DDoS against Russias election infrastructure to hinder online voting; Russia confirmed sustained attacks causing intermittent outages/slowdowns, router reboots, and later restoration; CEC tallied 500k+ attack events.
Ministry of Economy and Finance of Panama
September 11, 2025
•[ ransomware, malware, government ]
MEF reported a malware incident on one workstation and containment with no impact to core platforms; INC Ransom simultaneously claimed an intrusion and >1.5 TB data theft with proof-of-hack samples. Extent of breach remains unconfirmed.
Campaign of Denis Pasler
September 10, 2025
•[ hack, ddos, government ]
United Russia said a DDoS knocked the Pasler campaign site offline late Sept 10; local media confirmed downtime overnight/morning. Residents also received mass SMS urging votes for Pasler, which the party disowned; observers advised not to follow suspicious links. No data theft
Orleans Parish Sheriff’s Office
September 4, 2025
•[ ransomware, government ]
A ransomware cyberattack in early Sept 2025 shut down the Orleans Parish Sheriffs Office AS/400 administrative systems, delaying inmate releases and disrupting operations. Systems were restored after two days with help from local and state cybersecurity agencies, and jail data remained secure.
Indonesian National Police Mobile Brigade Corps
September 2, 2025
•[ hack, government ]
The site with the address korbrimob.polri.go.id has been inaccessible since Tuesday afternoon, September 2, 2025, at 15.07 WIB.
Ordine dei Giornalisti del Lazio
September 1, 2025
•[ ransomware, malware, government ]
A sophisticated ransomware attack targeted the IT infrastructure and internet access of the Lazio Journalists Order in Rome affecting over 20 000 members. The group DragonForce is suspected and authorities and data protection bodies are involved.
