Aeroflot
July 28, 2025
•[ hacktivism, data leak, data destruction ]
Two hacktivist groups claim to have gained access to 122 hypervisors, 43 ZVIRT virtualization installations, approximately 100 iLO interfaces used for server management, and four Proxmox clusters. They say they exfiltrated all databases from flight history and employee workstations (including of top executives), wiretapping servers containing phone call recordings, and personnel monitoring systems. Claim to have wiped 7,000 physical and virtual servers hosting 12TB of databases, 8TB of Windows Share files, and 2TB of corporate email. Resulted in the cancellation of more than 60 flights and severe delays on additional flights.
Haskar Integration (Russian military drone supplier)
July 15, 2025
•[ data destruction, hacktivism, military ]
Ukrainian cyber operators claimed access and subsequent wiping of 47TB of technical data from Haskar Integration, a major supplier to Russian forces; backups also deleted.
Columbia University
July 3, 2025
•[ data leak, hacktivism ]
University said a hacker with a political agenda broke into IT systems and stole targeted student data; no threat activity detected since June 24.
Netherlands National Government Web Infrastructure
June 23, 2025
•[ ddos, hacktivism, disruption ]
Pro-Russian hacktivist group NoName057(16) conducted coordinated DDoS attacks against Dutch government websites hosted on shared infrastructure ahead of the NATO summit; disrupted access to at least four major portals for several hours; no data compromise reported.
Saudi Games 2024 Registration Platform
June 22, 2025
•[ data leak, hacktivism, database breach ]
Pro-Iranian hacktivist group Cyber Fattah claimed access to the Saudi Games 2024 registration platform backend (phpMyAdmin), leaking SQL dumps with thousands of athlete and visitor recordspassport and ID scans, medical forms, IBANsand staff/government credentials as a protest against Saudi authorities.
Truth Social
June 21, 2025
•[ ddos, hacktivism, outage ]
Truth Social experienced a global outage on June 21 2025 attributed by self-identified Iran-aligned hacktivist group 313 Team to a DDoS attack; NetBlocks confirmed connectivity loss unrelated to ISP filtering; services restored within hours; no data theft confirmed.
Nobitex Cryptocurrency Exchange
June 18, 2025
•[ hacktivism, cryptocurrency, theft ]
Predatory Sparrow (pro-Israel hacktivist group) breached Irans Nobitex cryptocurrency exchange on June 18 2025, transferring roughly $90 million USD in assets to unrecoverable wallet addresses; action was intended to punish Iranian regime-linked financial infrastructure; no evidence of ransom or profit motive.
NetVision (Cellcom Israel)
June 17, 2025
•[ phishing, vulnerability exploitation, hacktivism ]
Pro-Palestinian hackers exploited a vulnerability in NetVisions legacy email infrastructure to send forged phishing messages impersonating Israeli government domains; servers used for distribution of malicious emails; no confirmed data theft or ransom demand reported.
Vice Ministry of Economy (Paraguay) et al.
June 14, 2025
•[ hacktivism, website defacement, unauthorized access ]
Hacktivist group CyberTeam launched coordinated website intrusions against Paraguayan government institutions, defacing and accessing official systems while denouncing national cybersecurity as ineffective; the Ministry of Economy confirmed limited unauthorized access but no data leak.
Multiple Thai government and news websites
June 9, 2025
•[ DDoS, hacktivism, service disruption ]
Cambodian hacktivist collective AnonSecKh launched DDoS attacks on June 9 2025 against Thai government and media websites hosted on common public-sector servers; traffic floods disrupted access to more than 20 sites for about two days before mitigation by ThaiCERT; no data theft or defacement reported.
Bharatpedia (English Version)
June 8, 2025
•[ denial of service, hacktivism ]
Bharatpedias official X account confirmed a cyberattack on June 8, 2025, that took its English site offline for several days; incident attributed to an external denial-of-service campaign consistent with hacktivist protest activity; no data compromise reported.
National Council of Notaries of Morocco (Tawtik.ma Platform)
June 2, 2025
•[ data leak, hacktivism ]
Hacktivist group Jabaroot DZ exfiltrated data from Moroccos Tawtik.ma platform used by the National Council of Notaries; DGSSI confirmed the breach was limited to this platform and did not affect ANCFCC; attackers claimed to have accessed 4 TB of non-classified notarial records.
ASVT
May 27, 2025
•[ ddos, hacktivism, service disruption ]
Major DDoS on Russian ISP ASVT disrupted internet for tens of thousands in Moscow; ASVT attributed the attack to the pro-Kyiv IT Army.
Polish ruling party websites
May 16, 2025
•[ hacktivism ]
Reports the ruling partys websites were attacked two days before the presidential election; officials attributed the activity to Russia-aligned actors on Telegram.
Lecardo Clinic
May 16, 2025
•[ hacktivism, cyberattack, operational disruption ]
Lecardo Clinic announced a technical failure that led to a three-day shutdown; a pro-Ukraine group claimed a cyberattack. Public reporting indicates multi-day operational disruption, but the exact technique was not disclosed.
Pravosudiye
May 15, 2025
•[ hacktivism, data destruction, government ]
Russias national case management/e-filing system was reportedly hacked in Oct 2024, erasing roughly a third of its archive and disrupting court websites and communications for about a month; the operation has been claimed by pro-Ukraine hackers.
Multiple Indian websites
May 13, 2025
•[ cyberattack, hacktivism ]
Maharashtra Cyber/press reports said Pakistan-allied hackers launched ~1.5 million attacks with ~150 successes.
GlobalX
May 6, 2025
•[ hacktivism, defacement, data leak ]
Hacktivists defaced GlobalXs website and claimed theft of flight records and deportation passenger manifests; reporting cites defacement message referencing deportations. https://databreaches.net/2025/05/06/globalx-airline-for-trumps-deportations-hacked/
Arun District Council
May 6, 2025
•[ ddos, hacktivism ]
Pro-Russia group NoName057(16) ran a DDoS campaign against multiple UK local government sites; Arun DC confirmed website issues on May 6 that were resolved within hours; other councils reported little/no impact.
Government of Romania
May 5, 2025
•[ ddos, hacktivism, election interference ]
Russia-aligned hacktivists claimed DDoS attacks on Romanian state and candidate websites on election day, temporarily knocking portals offline before restoration.
