Delano Public Schools
May 18, 2026
•[ ransomware, network compromise, service disruption ]
Delano Public Schools experienced a network compromise discovered after unauthorized activity caused ransom messages to print throughout the district. The district shut down internet access while experts tested systems and canceled classes on May 20, 2026. Public reporting did not confirm data theft or successful encryption.
Salt Mobile SA
May 15, 2026
•[ DDoS attack, service disruption, network security ]
On May 15, 2026, Salt's fixed-line services in Switzerland were disrupted for about 40 minutes by an external distributed denial-of-service attack. Salt said technical teams activated protective measures and restored service; the mobile network was not affected.
Murray County Government
May 13, 2026
•[ cyberattack, government, service disruption ]
Murray County, Georgia reported that a cyberattack hit the county government network, forcing several county offices to limit services or close until network systems were restored. The Tax Commissioner, Tax Assessor, Probate Court, and Juvenile Court offices were closed, while other county offices remained open with limited functionality; 911, public safety, and primary voting continued. Public reporting did not identify a threat actor, confirm ransomware or encryption, specify the technical mechanism, report data theft, or provide a final restoration date.
eBay Inc
April 26, 2026
•[ DDoS attack, service disruption, hacktivism ]
eBay experienced a widespread service disruption beginning April 26, 2026, affecting search, listings, checkout, and API functionality worldwide; the hacktivist group 313 Team claimed responsibility for a DDoS attack, but eBay did not confirm the cause.
Kent District Library
April 24, 2026
•[ ransomware, cyberattack, service disruption ]
Kent District Library closed all branches after a ransomware attack disrupted computer systems and network-dependent services.
Administration of Kursk region
April 20, 2026
•[ DDoS attack, government, service disruption ]
On April 20, 2026, Kursk regional authorities reported a DDoS attack against regional administration servers that made the live broadcast of a government session unavailable. Officials said the session recording would be published later on official governor and regional government resources, and corroborating reporting said the attack was localized the same day.
Mastodon (mastodon.social)
April 20, 2026
•[ DDoS attack, service disruption, 313 Team ]
Mastodons flagship mastodon.social server was hit by a DDoS attack on April 20, 2026, making the instance unusable at times and causing much of the site to become inaccessible. Mastodon implemented countermeasures by 9:05 a.m. ET and restored access within a couple of hours, while warning that instability could continue as the attack was ongoing; SC Media reported that 313 Team claimed responsibility.
Adams County, Mississippi
April 17, 2026
•[ ransomware, government services, outdated systems ]
Adams County, Mississippi suffered a ransomware attack on April 17, 2026, after an outdated computer in the sanitation department allowed hackers to spread through the county network. The attack locked employees out of key services including court records, car tag payments, and public records processing; about 70% of systems were back online by the time of reporting, but full recovery was still underway.
South Korean Ministry of Foreign Affairs
April 17, 2026
•[ DDoS attack, service disruption, cyberattack ]
South Koreas Ministry of Foreign Affairs website was briefly disrupted by a DDoS attack and restored the same day.
Bluesky
April 15, 2026
•[ DDoS attack, service disruption, 313 Team ]
Bluesky experienced a roughly 24-hour DDoS attack that intermittently disrupted core platform features; 313 Team claimed responsibility.
Autovista
April 11, 2026
•[ ransomware, service disruption, containment ]
Autovista reported a ransomware incident identified on April 11, 2026 that affected certain systems in Europe and Australia and caused service disruption for customers. The company implemented containment measures, worked with external forensic experts to validate systems before restoration, and later reported many products and services were partially or fully restored.
Athénée Royal d'Izel
April 9, 2026
•[ ransomware, encryption, service disruption ]
The local server of Athne Royal d'Izel was encrypted during a ransomware attack on the morning of April 9, 2026, affecting the online school platform for meal payments and attendance; quick isolation prevented personal data theft and restoration from backups was underway.
ChipSoft
April 7, 2026
•[ ransomware, healthcare, data breach ]
Embargo ransomware hit ChipSoft on April 7, 2026, disrupting its website and digital healthcare services, causing hospitals to disconnect or take ChipSoft-connected systems offline, and stealing medical personal data from several Dutch healthcare institutions; ChipSoft later said the stolen data had been destroyed.
Town of Pepperell
March 31, 2026
•[ cyberattack, public safety, municipal systems ]
A cyberattack impacted Pepperell's employee computer systems and public safety departments, knocking out certain business phone lines and disrupting some municipal and dispatch-related systems while 911 service remained operational.
Patriot Regional Emergency Communications Center
March 31, 2026
•[ cyberattack, service disruption, emergency services ]
A cyberattack disrupted non-emergency and business telephone lines for police, fire, and EMS departments in Pepperell, Dunstable, Townsend, and Ashby; 911 service remained functional and no private user information was reported compromised.
City of Martinsville
March 25, 2026
•[ data breach, personal information, municipal computer systems ]
The City of Martinsville disclosed that, on or about March 25, 2026, its technology team became aware of disruptions to municipal computer systems and took steps to stop the incident. Early reporting said some services in the city municipal building could be delayed or limited for the rest of the week. The city later said personal information may have been accessed by the perpetrators, but public reporting did not identify the threat actor, confirm ransomware or encryption, specify the disruption mechanism, or quantify the affected data.
Foster City
March 19, 2026
•[ cyberattack, service disruption, network intrusion ]
GovTech (via SFGATE/TNS) reported a cyberattack that left Foster City (Bay Area; ~33,000 residents) largely paralyzed for five consecutive days after suspicious activity was discovered on the citys computer network on Thursday morning (Mar. 19, 2026). City officials said most computer systems were taken offline as a precaution while independent cybersecurity specialists investigate and remediate. Most government services were suspended with no restart timeline provided, while police and 911 services continued operating. Public reporting did not confirm the intrusion vector, ransomware group, or whether data was exfiltrated; the confirmed primary effect is prolonged disruption of municipal services.
La Mutuelle Familiale
March 17, 2026
•[ cyberattack, service disruption, investigation ]
La Mutuelle Familiale disclosed a cyberattack detected on March 17, 2026 that temporarily disrupted multiple member and back-office services while investigations continued; no perpetrator or data theft was publicly confirmed.
CareCloud
March 16, 2026
•[ unauthorized access, service disruption, electronic health record ]
An unauthorized third party temporarily accessed part of CareCloud Health and partially disrupted functionality and data access in one electronic health record environment before service was restored the same evening.
Intoxalock
March 14, 2026
•[ cyberattack, denial of service, DDoS ]
DataBreaches summarized local reporting that a cyberattack shut down Intoxalocks nationwide breathalyzer interlock system, preventing affected drivers from starting vehicles because server-side systems were down. Intoxalock stated hackers were flooding its servers to stop them from functioning. The outage affected device-related services such as installations, removals, calibrations, and account access across 46 states. The company stated user data was secure and did not disclose whether a ransom demand was made; no public claim of responsibility was noted at publication.
