Government of Pakistan
August 9, 2025
•[ leak, government ]
A leak of sensitive personal data of thousands of Pakistanis including government officials; data includes identity cards, mobile phone addresses, call logs, travel details; being sold online; probe ordered.
Spartanburg County
August 6, 2025
•[ ransomware, government ]
Cyberattack led to disabling of certain online services, including County network connections; emergency services like 911 remained operational; third ransomware event in recent years
1000ua.ru (Russian POW portal)
August 6, 2025
•[ hack, ddos, government ]
On August 6, 2025, immediately after launch, the Russian website 1000ua.ru which published portraits of 1,000 Ukrainian POWs was hit with a DDoS attack. RT attributed the traffic to Ukraine, but no specific group has been identified. The attack caused partial disruption but no data theft or encryption.
City of Greenville (TX)
August 5, 2025
•[ ransomware, malware, government ]
Hackers deployed ransomware targeting Greenvilles server infrastructure, affecting city services and utility billing in Hunt County; emergency 911 was unaffected, and no personal data breach has been reported.
Colombian Justice Minister Andres Idarraga
August 1, 2025
•[ spyware, Pegasus, surveillance ]
Colombias justice minister stated that forensic evidence indicates his phone was hacked using Israeli Pegasus spyware during the second half of 2025 while he was investigating alleged corruption in the military. He alleged the operation was ordered through the Defense Ministry using state counterintelligence structures and confidential funds. According to his statement, investigators found his phone was taken over more than 8,700 times and that 2.3 GB of data were downloaded, including sensitive corruption complaints, and that the camera/microphone were illicitly activated on numerous occasions. The incident is characterized as a targeted spyware intrusion against a senior government official with alleged state involvement.
Foreign embassies in Moscow (multiple missions)
July 31, 2025
•[ espionage, malware, government ]
FSB-linked APT Secret Blizzard (Turla) used ISP-level access in Russia to deliver espionage malware against multiple foreign embassies in Moscow; campaign disclosed by Microsoft. Data stolen likely includes diplomatic emails/credentials; exact volume not reported.
Ministry of iTaukei Affairs
July 31, 2025
•[ hack, government ]
The Ministry of iTaukei Affairs official Facebook page was hacked again after an April 2025 incident.
Singapore traffic enforcement (dataset of offenders)
July 31, 2025
•[ data leak, government ]
AsiaOne reports that 1,300 names and addresses of traffic offenders were published online; police are investigating.
Undisclosed European ministry
July 31, 2025
•[ malware, apt, intelligence collection ]
HackRead reports DoNot APT deployed LOPTiKMod malware against a European ministry to collect intelligence; attribution aligns with prior DoNot operations.
Czech Police, Interior Ministry, and other government offices
July 31, 2025
•[ government, hacktivism ]
iRozhlas reports hackers attacked Czech police and government websites in retaliation for cooperation in Ukraine-related operations.
Town of Bar Harbor, Maine
July 30, 2025
•[ social, phishing, government ]
Bar Harbor discovered on July 30, 2025 that four municipal email accounts were compromised and used to send phishing messages. Town offices were closed July 31Aug 1 while systems were secured. CrowdStrike and FBI confirmed no ransomware, encryption, malware, financial theft, or data exfiltration.
Government servers of Russian-occupied Crimea
July 25, 2025
•[ hack, government ]
Ukraines military intelligence agency said it hacked into government servers in Russian-occupied Crimea that allegedly contained evidence of Russias forced deportation of Ukrainian children from occupied territories.
Parliament of Aruba
July 25, 2025
•[ hack, government ]
Parliamentary email systems in Aruba were hacked in late July 2025, compromising official accounts. The attack affected email communications but did not disrupt broader parliamentary operations. No attribution or data theft has been confirmed.
City of Saint Paul, Minnesota
July 25, 2025
•[ cyberattack, government, service disruption ]
A cyberattack on Saint Paul led to widespread service disruptions; Minnesota activated the National Guard to support response and recovery.
Curaçao Tax & Customs Administration
July 24, 2025
•[ ransomware, malware, government ]
Ransomware attack on July 24, 2025 encrypted and paralyzed systems of Curaaos Tax & Customs Administration, disabling counters, phone lines, and internal operations. Online tax filing remained active. Services restored by August 4. No perpetrator identified; no data exfiltration reported.
Curaçao Tax & Customs Administration
July 24, 2025
•[ ransomware, operational disruption, government ]
Ransomware attack on July 24, 2025 encrypted and paralyzed systems of Curaaos Tax & Customs Administration, disabling counters, phone lines, and internal operations. Online tax filing remained active. Services restored by August 4. No perpetrator identified; no data exfiltration reported.
North St. Paul Police Department
July 23, 2025
•[ phishing, government, hack ]
A phishing email compromised a single business email account in the North St. Paul Police Department around July 23 2025. The incident was swiftly contained with no service disruption and no confirmed data exfiltration, though data compromise is being investigated. Disclosed August 5 2025.
Joint Court of Justice (Dutch Caribbean)
July 23, 2025
•[ hack, malware, government ]
A malware infection on July 23, 2025 forced the shutdown of the Joint Court of Justices entire IT network across six islands. Judicial case management, filings, and email were fully disrupted until restoration began around July 28. No group has claimed responsibility; no data exfiltration confirmed.
Dutch Public Prosecution Service (Openbaar Ministerie)
July 17, 2025
•[ hack, government ]
Systems shut down after discovery of unauthorized access via Citrix.
U.S. federal judiciary CM/ECF & PACER systems
July 4, 2025
•[ hack, leak, government ]
The U.S. federal judiciarys electronic case filing systems (CM/ECF and PACER) were breached around July 4, 2025. Sensitive sealed dataincluding indictments, arrest warrants, and identities of confidential informantswas accessed across multiple district courts. Reports suggest possible theft of system source code and tampering with ~12 dockets. The precise volume of data stolen is unknown, but officials confirmed that a significant number of sealed case files were exposed.
