Vladimir Bread Factory
January 26, 2026
•[ cyberattack, operational disruption, delivery disruption ]
A cyberattack knocked offline internal digital systems at a Russian bread factory, disrupting order processing and deliveries while production lines continued operating.
Sociedad Hipotecaria Federal
January 21, 2026
•[ ransomware, data leak, encryption ]
Sociedad Hipotecaria Federal was listed by LockBit, which claimed to have stolen 277 GB of data and published it after a ransom deadline expired; reporting also cited encryption of critical systems and operational disruption.
Dresden State Art Collections
January 21, 2026
•[ targeted cyberattack, operational disruption, digital infrastructure ]
The Record reported that Dresden State Art Collections discovered a targeted cyberattack on Wednesday (January 21, 2026) that disrupted significant parts of its digital infrastructure. The state of Saxonys culture ministry said the museum network had limited digital and phone services, with online ticket sales, visitor services, and the museum shop unavailable. On-site payments were restricted to cash, though tickets purchased online before the incident could still be scanned, and the museums remained open. The ministry stated security systems protecting the collections were not affected and physical/technical security remained intact, indicating the primary impact was operational disruption of public-facing digital services rather than compromise of collection security systems.
AZ Monica
January 13, 2026
•[ cyberattack, operational disruption, healthcare ]
AZ Monica hospital in Antwerp reported a cyberattack discovered around 6:30 a.m. after staff observed a serious IT failure. As a precaution, the hospital shut down all servers across both campuses (Deurne and Antwerp/Harmonie), and law enforcement opened an investigation with the cyber crime unit on site. Because clinicians could not access electronic patient records, the hospital postponed non-urgent care and maintained emergency care at a reduced level. Reporting stated at least 70 planned operations were cancelled, roughly 70 patients were sent home, and seven patients were transferred to other hospitals as a precaution. Public reporting did not confirm encryption, ransom demands, or data theft, focusing primarily on operational disruption and patient-care impact.
Anchorage Police Department via Whitebox Technologies
January 7, 2026
•[ security incident, third-party risk, data migration ]
Anchorage Police Department reported it took immediate containment actions after being alerted on January 7, 2026 to a security incident affecting one of its technology service providers, Whitebox Technologies (a data migration firm). According to reporting cited in the post, the Citys IT department shut down the relevant Anchorage Police Department servers and disabled the vendors access along with all third-party service provider access while incident response work continued. As of the report date, no ransomware group had publicly claimed responsibility and there was no public statement from the vendor. Public reporting did not confirm whether any APD data was accessed or exfiltrated, but it confirms operational disruption via server shutdown and access suspension.
Higham Lane School
January 7, 2026
•[ cyberattack, operational disruption, IT outage ]
Cybernews reported that Higham Lane School, a secondary school in Nuneaton, England, temporarily closed due to a cyberattack. According to the headteachers message to parents cited in the article, the school took all IT systems and digital services completely offline as a precaution, including telephones, email, servers, and the schools management system. The report does not identify the threat actor, method of intrusion, or whether data was accessed; the primary confirmed impact is operational disruption and loss of communications/management systems while the school responded.
Metro Pet Vet
January 7, 2026
•[ ransomware, data breach, technical difficulties ]
A Lancaster County veterinary practice (Metro Pet Vet) reported it was hit by a ransomware attack after several days of technical issues. The office said Monday and Tuesday it experienced major technical difficulties, including its router stopping, and by Wednesday morning ransomware was detected and the practice lost access to its server. Staff reported they could not access pet vaccine and medication histories and had to operate like 40 years ago using paper while continuing to treat animals and relying on an app for scheduling. The practice stated no credit card or Social Security information was stored on the affected server, but client phone numbers and addresses were stored there, and it expected recovery work to continue into the following week.
At least one organization in the energy sector
December 16, 2025
•[ energy sector, unauthorized access, operational disruption ]
An organization operating in the energy sector was targeted by cyber activity that sought to access or interfere with systems supporting energy operations.
Cheyenne and Arapaho Tribes
December 8, 2025
•[ ransomware, network shutdown, operational disruption ]
A ransomware attack forced the Cheyenne and Arapaho Tribes to shut down tribal computer networks, disrupting email and phone service and suspending some operations while systems were restored in phases.
Colorado State Public Defender’s Office
October 3, 2025
•[ ransomware, encryption, operational disruption ]
Ransomware beginning Oct 3 2025 encrypted servers and shared drives at Colorados State Public Defender Office, rendering thousands of case files inaccessible and delaying operations for weeks. No evidence of data theft or leak has been reported.
Orleans Parish Sheriff’s Office
September 4, 2025
•[ ransomware, cyberattack, operational disruption ]
A ransomware cyberattack in early Sept 2025 shut down the Orleans Parish Sheriffs Office AS/400 administrative systems, delaying inmate releases and disrupting operations. Systems were restored after two days with help from local and state cybersecurity agencies, and jail data remained secure.
Sewage treatment plant in Witków
August 19, 2025
•[ industrial control systems, hacktivism, operational disruption ]
Russian hacktivists allegedly manipulated industrial control systems at the sewage treatment plant in Witkw, with video evidence and analyst review indicating operational disruption to plant processes.
Sewage treatment plant in Kunica
August 19, 2025
•[ industrial control systems, hacktivism, operational disruption ]
Russian hacktivists allegedly interfered with industrial control systems at the sewage treatment plant in Kunica, and publicly released video that Polish analysts assessed as showing real operational disruption.
Polish hydropower plant in Tczew in May 2025
August 19, 2025
•[ hacktivism, critical infrastructure, operational disruption ]
Russian hacktivists allegedly targeted a hydropower plant in Tczew in May 2025, but reporting suggests the facility may have been offline at the time, limiting evidence of meaningful operational disruption.
Curaçao Tax & Customs Administration
July 24, 2025
•[ ransomware, operational disruption, government ]
Ransomware attack on July 24, 2025 encrypted and paralyzed systems of Curaaos Tax & Customs Administration, disabling counters, phone lines, and internal operations. Online tax filing remained active. Services restored by August 4. No perpetrator identified; no data exfiltration reported.
KiranaPro
June 3, 2025
•[ hacking, server deletion, data wipe ]
TechCrunch reported Indian grocery delivery startup KiranaPro was hacked and its servers were deleted, with the founder confirming the companys data had been wiped. The report described the incident as catastrophic to operations (platform disruption) but did not confirm in that initial story whether customer data was accessed or exfiltrated, focusing on the destructive effect of wiping infrastructure and data.
Anchor Industries Inc.
May 25, 2025
•[ ransomware, operational disruption ]
Over Memorial Day weekend 2025, Evansville-based Anchor Industries Inc. suffered a ransomware attack that encrypted manufacturing and administrative systems, causing several days of operational disruption. The company reported no confirmed data theft while restoring systems from backups. The responsible actor remains unidentified.
Lecardo Clinic
May 16, 2025
•[ hacktivism, cyberattack, operational disruption ]
Lecardo Clinic announced a technical failure that led to a three-day shutdown; a pro-Ukraine group claimed a cyberattack. Public reporting indicates multi-day operational disruption, but the exact technique was not disclosed.
Nucor Corporation
May 14, 2025
•[ cybersecurity incident, operational disruption ]
Nucor reported a cybersecurity incident and took parts of its network offline as containment, causing operational disruptions and delays.
Masimo Corporation
April 27, 2025
•[ cyberattack, operational disruption ]
Masimo reported a cyberattack breaching on-prem systems, isolating impacted systems and causing production delays in fulfilling orders.
