National Assembly of Ecuador
February 17, 2025
•[ government, data leak ]
Cyberattack targeting Ecuador's National Assembly aimed at accessing confidential legislative information; intrusion detected and contained without confirmed data theft or attribution.
United States Coast Guard
February 17, 2025
•[ data leak, government ]
Between February 17 and 19, 2025, the U.S. Coast Guard identified unauthorized access to its Direct Access personnel and payroll system, a PeopleSoft-based application. Sensitive personal and financial data of Coast Guard members was compromised, leading the service to take the system offline for investigation. Approximately 1,135 members experienced delayed pay as a consequence of the shutdown. No ransomware or encryption was reported, and attribution remains undetermined.
Philippine Charity Sweepstakes Office (PCSO)
February 13, 2025
•[ data leak, hacktivism, government ]
Hacktivist group Philippine Exodus Security claimed responsibility for exfiltrating approximately 100 GB of data from PCSO branch office email accounts in February 2025. While PCSO denied a central database breach, DICT confirmed that unauthorized access to email systems occurred. The group stated its goal was to expose alleged corruption, not to extort funds.
Office of the Comptroller of the Currency (OCC)
February 11, 2025
•[ data leak, email compromise, espionage ]
In February 2025, the U.S. Department of the Treasury's Office of the Comptroller of the Currency detected unauthorized access to its Microsoft 365 email environment. The compromise, which persisted for months before discovery, exposed roughly 103 mailboxes and more than 150,000 emails containing sensitive financial supervisory information. No attribution has been made public, but the incident exhibited characteristics of an espionage-focused breach. No encryption, ransom demand, or operational disruption was reported.
City of Tarrant
February 10, 2025
•[ ransomware, data leak, government ]
Ransomware group RansomHub attacked the City of Tarrant's computer systems on February 10, 2025, initially disrupting the police department and prompting the city to shut down its networks. Officials restored servers within days, but RansomHub later posted proof-of-theft police files, confirming data exfiltration. Magnitude, duration, and scope remain undetermined.
More than 570 computers linked to Mexico's government
January 27, 2025
•[ hack, malware, government ]
Threat actors infect more than 570 computers linked to Mexico's government domain gob.mx with infostealer malware, exposing sensitive data and login credentials.
South African Weather Service (SAWS)
January 27, 2025
•[ hack, government ]
A cyberattack forces the government-run South African Weather Service (SAWS) offline, limiting access to a critical service used by the country's airlines, farmers and allies.
Matagorda County
January 24, 2025
•[ hack, malware, government ]
Matagorda County discloses a cyber attack involving a virus that has affected several internal systems.
Conduent
January 22, 2025
•[ hack, government ]
American business services and government contractor Conduent confirms that a recent outage resulted from what it described as a "cyber security incident."
Embassies, lawyers, government-backed banks, and think tanks in Kyrgyzstan
January 21, 2025
•[ espionage, government ]
Researchers at Seqrite discover a previously undocumented threat actor dubbed Silent Lynx, linked to cyber attacks targeting various entities in Kyrgyzstan and Turkmenistan.
Stadt Schaffhausen
January 21, 2025
•[ hack, ddos, government ]
Two cantonal banks and various public websites were unavailable on Tuesday morning. A hacker group with ties to Russia is "testing" the resilience of Switzerland's internet infrastructure, as they call it. Today, Ukrainian President Volodymyr Zelensky will speak at the WEF in Davos.
Ville de Sierre / Stadt Siders
January 21, 2025
•[ hack, ddos, government ]
In the morning, Schaffhausen energy supplier SH Power also displayed an error message. However, its site was back online before midday. Meanwhile, the websites for the cities of Sierre and Geneva remained inaccessible.
Town of Ulster
January 16, 2025
•[ ransomware, malware, government ]
The Town of Ulster discloses a ransomware attack.
Greece's public-sector network, SYZEFXIS
January 16, 2025
•[ hack, ddos, government ]
Government websites went down again on Wednesday afternoon for about 5 minutes. For the same period, civil servants lost access to the internet from their workplace computers.
DigiD
January 14, 2025
•[ hack, ddos, government ]
The DigiD outage, which prevented people from logging in for most of yesterday afternoon, was caused by a large-scale DDoS attack. The DigiD server was experiencing so much traffic that the website couldn't handle it, according to Logius, the government agency that manages DigiD.
Government bodies in Kazakhstan
January 13, 2025
•[ espionage, government ]
Researchers at Sekoia attribute an ongoing cyber espionage campaign targeting Kazakhstan to the Russia-linked threat actor APT28, as part of the Kremlin's efforts to gather economic and political intelligence in Central Asia.
Roseltorg
January 13, 2025
•[ hack, government ]
Roseltorg, Russia's main electronic trading platform for government and corporate procurement, confirms that it had been targeted by a cyberattack. Pro-Ukraine hacker group Yellow Drift claims responsibility.
Italy's Ministry of Infrastructure and Transport
January 11, 2025
•[ ddos, government, hack ]
Between yesterday and today, the group NoName057(16) carried out several DDoS attacks against Italian institutional websites and companies, including Intesa Sanpaolo.
Committee on Foreign Investment in the United States (CFIUS)
January 10, 2025
•[ espionage, government ]
Chinese state-backed threat actors tracked as Silk Typhoon reportedly breach the Committee on Foreign Investment in the United States (CFIUS), a Treasury Department office that reviews foreign investments for national security risks.
Slovakian Geodesy, Cartography and Cadastre Office (UGKK)
January 10, 2025
•[ ransomware, malware, government ]
A cyber attack targets the Slovakian Geodesy, Cartography and Cadastre Office (UGKK), which manages land and property data. The agency's systems are shut down, and its physical offices closed following an alleged ransomware attack. According to local media reports, the attackers are demanding millions of euros in ransom.