Chanhassen Dinner Theatres
May 15, 2026
•[ cyberattack, operational disruption, system outage ]
Chanhassen Dinner Theatres experienced a cyberattack affecting part of its computer network on May 15, 2026 and took systems offline while working with outside experts to restore operations. The incident disrupted internet, phone, customer-service, and operational functions and contributed to rescheduled or canceled performances, alongside a separate cast illness/norovirus disruption. Public reporting did not confirm encryption, data theft, a ransom demand, or a responsible actor.
Foxconn North American operations
May 11, 2026
•[ cyberattack, data theft, operational disruption ]
Nitrogen claimed responsibility for a cyberattack against Foxconn and alleged theft of roughly 8TB of data spanning more than 11 million files. Foxconn confirmed that some North American factories suffered a cyberattack and said affected factories were resuming normal production. Public reporting supports operational disruption and alleged large-scale data theft, but does not confirm file encryption, data destruction, or the specific disruption mechanism.
Saver
April 9, 2026
•[ ransomware, personal data, operational disruption ]
Saver was hit by ransomware on April 9, disrupting systems and phone lines while attackers accessed servers containing personal data.
Minidoka Memorial Hospital
April 5, 2026
•[ cyber attack, healthcare, operational disruption ]
A cyber incident on Easter morning limited imaging services at Minidoka Memorial Hospital in Rupert, Idaho, leading to temporary emergency patient transfers; internal systems were affected but patient care continued, and imaging was fully restored by midnight on April 19, 2026.
Taiwan High Speed Rail Corporation
April 5, 2026
•[ radio interference, TETRA communications, software-defined radio ]
A 23-year-old university student identified by the surname Lin allegedly interfered with Taiwan High Speed Rail's TETRA radio communications system using software-defined radio equipment and handheld radios. The unauthorized General Alarm signal triggered emergency braking or emergency stop procedures, affecting four high-speed trains for approximately 48 minutes. Public reporting did not identify data theft, ransomware, or a financial motive.
Hasbro Systems
March 28, 2026
•[ unauthorized access, cyberattack, operational disruption ]
Hasbro identified unauthorized access to its network on March 28, 2026 and took select systems offline as a containment measure while continuing operations through business-continuity procedures; the company warned that interim measures could cause order-processing, shipping, and invoicing delays while it reviewed potentially impacted files.
Jackson County Sheriff's Office
March 27, 2026
•[ ransomware, cyberattack, operational disruption ]
A ransomware attack crippled the Jackson County Sheriff's Office in Indiana, taking computers, Wi-Fi, and reporting systems offline and forcing staff to use temporary manual workarounds.
Dutch Ministry of Finance
March 19, 2026
•[ cyberattack, unauthorized access, internal system compromise ]
The Record reported that the Dutch Ministry of Finance is investigating a cyberattack that compromised some internal systems. Officials said the breach was flagged on March 19, 2026 after a third party alerted the ministry to suspicious activity, and internal security teams found unauthorized access to several systems used by a department. Authorities said the affected systems were part of the ministrys primary infrastructure and were taken offline quickly once detected. The report did not confirm data theft or identify the attacker; the confirmed impact is internal-system compromise and operational disruption from systems being taken offline during response.
Omi Kenshi Co., Ltd
March 16, 2026
•[ unauthorized access, system failure, operational disruption ]
On March 16, 2026, Omi Kenshi Co., Ltd. experienced unauthorized external access that caused system failure and suspension of core systems, delaying financial closing procedures.
Medica Publishing Co., Ltd
March 13, 2026
•[ ransomware, data leak, personal information ]
A ransomware attack encrypted Medica Publishings systems on March 13, 2026, halting order processing, shipping, and customer inquiries, and the company later confirmed leakage of some personal and transaction-related information.
The Independent Public Regional Hospital
March 7, 2026
•[ cyberattack, ransomware, data encryption ]
A cyberattack hit the Independent Public Regional Hospital in Szczecin, Poland, overnight on 03/0703/08/2026, forcing staff to revert to paper-based operations. Hospital authorities said the attack encrypted parts of hospital data and blocked access to critical digital records, temporarily disrupting digital operations. Officials stated urgent treatments and admissions continued, but administrative processes were slower while IT teams worked to restore system access.
At least one critical infrastructure provider
March 1, 2026
•[ advanced persistent threat, critical infrastructure, programmable logic controllers ]
Iran-affiliated advanced persistent threat actors accessed internet-exposed Rockwell Automation/Allen-Bradley programmable logic controllers at one or more U.S. critical infrastructure providers, manipulated project files and HMI/SCADA displays, resulting in operational disruption and financial loss.
Wilhelmsen Ship Management (Norway) AS
February 27, 2026
•[ ransomware, data leak, operational disruption ]
A ransomware incident affected systems on a single Wilhelmsen-managed ship and disrupted that vessels operations. Later reporting said passport and next-of-kin information relating to personnel on that ship was also compromised.
University of Mississippi Medical Center (UMMC)
February 20, 2026
•[ ransomware, operational disruption, healthcare ]
UMMC reported a ransomware attack triggered its emergency operations plan and forced it to cancel all clinic appointments and elective procedures at locations statewide while it assessed the intrusion and worked to restore systems. Public reporting described broad impacts to phone and electronic systems and significant disruption to patient care workflows, with staff reverting to manual processes. UMMC stated it was working with federal authorities (including the FBI) and external experts to investigate scope and recover operations; reporting at the time did not confirm whether patient data was exfiltrated, but the primary confirmed effect was major operational disruption across the health system.
North Ferry Company
February 18, 2026
•[ ransomware, operational disruption, payment system ]
An editorial in the Riverhead News-Review stated that North Ferry Companys payment system froze under a ransomware attack the prior week, preventing customers from paying online while the FBI and U.S. Secret Service investigated. The piece uses the incident to argue local governments and businesses on Long Islands North Fork should treat ransomware as a recurring risk, referencing earlier attacks such as Southold Towns pre-Thanksgiving ransomware disruption. The editorial does not provide the exact attack date, ransomware group, access vector, or whether any data was stolen, but it describes a confirmed operational disruption to the ferry companys payment system consistent with ransomware.
UFP Technologies
February 14, 2026
•[ unauthorized access, data theft, operational disruption ]
UFP Technologies disclosed that threat actors gained unauthorized access to its IT systems around February 14, 2026, disrupting billing and delivery label generation and resulting in the theft or destruction of company or company-related data.
University of La Sapienza
February 5, 2026
•[ cyberattack, operational disruption, network shutdown ]
La Sapienza University in Rome reported that its IT infrastructure was targeted by a cyberattack that caused widespread operational disruption. The university announced it ordered an immediate shutdown of network systems as a precaution to protect data integrity and security, and formed a technical task force while notifying authorities. As of the report, the universitys website remained offline and ongoing status updates indicated continued recovery work. Public reporting did not confirm data theft; the primary documented effect is the deliberate shutdown and resulting loss of availability for key university network services.
NationStates
February 3, 2026
•[ vulnerability, remote code execution, data leak ]
NationStates confirmed a data breach after taking its website offline to investigate a security incident. The operator stated that on January 27, 2026 a player reported a critical vulnerability, then exceeded authorized boundaries and obtained remote code execution on the main production server, allowing them to copy application code and user data. NationStates indicated the only way to restore confidence was to rebuild the server and determine what was accessed or copied, leading to site instability and downtime during response. The incident combines confirmed unauthorized access/data copying with operational disruption from the shutdown/rebuild.
Senegal's Directorate of File Automation (DAF)
February 3, 2026
•[ ransomware, cyberattack, operational disruption ]
The Record reported that Senegal confirmed a cybersecurity incident affecting its Directorate of File Automation (DAF), an office managing sensitive identity information such as national ID cards, passports, and other biometric data. DAF issued a public notice warning residents that the cyberattack forced the temporary suspension of the offices operations. The article noted the breach became public after ransomware claims, but it did not confirm in the government notice that biometric or identity records were exfiltrated; the confirmed primary effect in the report is operational disruption via suspension/closure of the offices services.
Uffizi Galleries
February 1, 2026
•[ cyberattack, backup restoration, operational disruption ]
Uffizi Galleries confirmed a cyberattack but said nothing was stolen and disruption was limited to restoring backups.
