Ubisoft
December 27, 2025
•[ data leak, service disruption ]
Ubisoft suffered a breach in which attackers accessed internal systems controlling the Rainbow Six Siege economy and moderation tools. Game services were globally disrupted, requiring rollback and shutdown of servers for nearly two days.
Arch Linux
December 25, 2025
•[ DDoS, service disruption ]
Arch Linuxs official website experienced a distributed denial-of-service attack that rendered the site inaccessible over IPv4 while remaining reachable via IPv6 as a mitigation measure.
La Poste / La Banque Postale
December 22, 2025
•[ ddos, service disruption ]
La Poste confirmed a distributed denial-of-service (DDoS) incident disrupted its websites and mobile applications just days before Christmas, slowing deliveries and knocking some online services offline. The company said it had no evidence customer data was compromised, but acknowledged postal operations including parcel distribution were affected and some post offices operated at reduced capacity. La Banque Postale warned customers that access to online banking and its mobile app was affected, while card payments and ATM withdrawals continued to function and online payments were still possible when authenticated by text message. La Poste stated its teams were mobilized to restore services as quickly as possible.
Kuaishou
December 22, 2025
•[ cyberattack, service disruption ]
Kuaishou experienced a cyberattack late on December 22, 2025 that disrupted livestreaming services for several hours, prompting market reaction and a decline in its share price the following day.
Square Enix / Final Fantasy XIV
December 19, 2025
•[ ddos, service disruption ]
Final Fantasy XIV experienced service disruption from recurring distributed denial-of-service (DDoS) activity reported around mid-to-late December 2025, impacting players ability to log in and remain connected to the game. Public reporting described repeated disconnects and instability affecting the titles North American data centers during peak play periods around the Patch 7.4 release window.
Petroleos de Venezuela (PDVSA)
December 15, 2025
•[ ransomware, state-sponsored, service disruption ]
PDVSA confirmed a cyberattack impacted its administrative system and publicly blamed the United States, though outside experts had not substantiated that attribution. Reporting cited by the outlet said the incident was more damaging than PDVSA described, with the company website down and oil cargo deliveries suspended; company sources characterized it as a ransomware attack and described systems being down and deliveries halted for days.
Westminster City Council
November 24, 2025
•[ service disruption ]
Westminster City Council was impacted by the same cyber incident identified on November 24, resulting in disruption to some online services and phone systems. The council reports that services are running but some disruption remains. No data compromise has been confirmed.
Psyonix (Rocket League)
November 24, 2025
•[ denial of service, service disruption ]
Psyonix reported that Rocket League servers were experiencing ongoing attacks that caused service disruptions; the studio implemented code optimizations and new DDoS detection to reduce attack impact but did not report any data theft or identify the attackers. Initially, attackers would join a match, launch their attack, and disconnect all of the other players, forcing an unintentional forfeit. As long as the attacker is the last player to leave a match, they earn the win.
Jackson County Public Schools
November 23, 2025
•[ denial of service, service disruption ]
A reflection DDoS attack on November 23 targeted the district firewall, taking down internet, Wi-Fi, phones, and internal systems for Jackson County Public Schools in North Carolina. Schools closed on November 25 due to continuing network instability. Officials reported no evidence of student or staff data access or theft.
Socialdemokratiet
November 17, 2025
•[ ddos, hacktivism, service disruption ]
A DDoS attack attributed to NoName057(16) temporarily disrupted the Social Democrats website on the eve of Denmarks municipal and regional elections.
Det Konservative Folkeparti
November 17, 2025
•[ ddos, hacktivism, service disruption ]
A DDoS attack attributed to NoName057(16) temporarily disrupted the Conservative Peoples Party website ahead of Danish local and regional elections.
Danmarksdemokraterne
November 17, 2025
•[ ddos, hacktivism, service disruption ]
A DDoS attack attributed to NoName057(16) temporarily disrupted the Denmark Democrats website on the eve of Danish municipal and regional elections.
YouFibre
November 13, 2025
•[ service disruption ]
YouFibre experienced a sustained DDoS attack starting on November 13, 2025, causing intermittent broadband service disruptions across multiple UK regions. The company stated it was working with upstream providers to mitigate the attack, which produced multi-day connectivity instability but no evidence of data compromise.
Orion Telecom
November 12, 2025
•[ ddos, service disruption ]
TASS reported that Orion Telecom, described as the largest provider in Krasnoyarsk, experienced a powerful DDoS attack attributed to sources in foreign countries. The provider stated it repelled the attack and fully restored network operations, with central services stable again after engaging internal AntiDDoS capabilities and federal-scale external information security partners. The report indicates the disruption required building tailored protections for specific buildings/cities, implying service degradation/outage for some customers during mitigation. No data theft was described; the primary effect reported was disruption to communications services that was later restored.
Ireland's Office of the Ombudsman
November 12, 2025
•[ ransomware, service disruption ]
The Office of the Ombudsman in Ireland reported that it was the victim of a ransomware attack involving unauthorized access to its IT systems on December 11, 2025. As part of containment, the Office took systems offline and worked with the National Cyber Security Centre and external specialists to investigate and restore services, while notifying law enforcement and the Data Protection Commission. The Office later stated it was confident no personal data had been taken in the incident, and it incrementally restored services, reporting by early January 2026 that public-facing services were back online. The incident primarily caused disruption through precautionary shutdown and recovery operations rather than publicly reported data theft.
DeKalb County
October 18, 2025
•[ system intrusion, service disruption ]
The city reported a network intrusion that disabled billing and administrative systems. Residents were temporarily limited to checks/money orders; late fees were waived and hearings were postponed while forensic work and system rebuild proceeded with state and federal assistance.
Waymo
October 14, 2025
•[ ddos, service disruption ]
Local coverage shows a prank dubbed a Waymo DDoS herded ~50 robotaxis
Memphis-Shelby County Schools (MSCS)
October 8, 2025
•[ supply chain attack, service disruption ]
Vendor messaging platform breach caused districtwide outage; data impact not indicated.
Assaf Harofeh Medical Center
October 1, 2025
•[ extortion, data leak, healthcare ]
Hospital hit during Yom Kippur; extortion demand ~$700,000; brief outage of shared records system reported; authorities probing possible data leak.
Canadian water facility
October 1, 2025
•[ hacktivism, critical infrastructure, industrial control system ]
Hacktivists tampered with water-pressure valves at a Canadian water facility, degrading water service to the local community; actions intended to draw attention to activist causes.
