Town of Pepperell
March 31, 2026
•[ cyberattack, public safety, municipal systems ]
A cyberattack impacted Pepperell's employee computer systems and public safety departments, knocking out certain business phone lines and disrupting some municipal and dispatch-related systems while 911 service remained operational.
Foster City
March 19, 2026
•[ cyberattack, service disruption, network intrusion ]
GovTech (via SFGATE/TNS) reported a cyberattack that left Foster City (Bay Area; ~33,000 residents) largely paralyzed for five consecutive days after suspicious activity was discovered on the citys computer network on Thursday morning (Mar. 19, 2026). City officials said most computer systems were taken offline as a precaution while independent cybersecurity specialists investigate and remediate. Most government services were suspended with no restart timeline provided, while police and 911 services continued operating. Public reporting did not confirm the intrusion vector, ransomware group, or whether data was exfiltrated; the confirmed primary effect is prolonged disruption of municipal services.
La Mutuelle Familiale
March 17, 2026
•[ cyberattack, service disruption, investigation ]
La Mutuelle Familiale disclosed a cyberattack detected on March 17, 2026 that temporarily disrupted multiple member and back-office services while investigations continued; no perpetrator or data theft was publicly confirmed.
CareCloud
March 16, 2026
•[ unauthorized access, service disruption, electronic health record ]
An unauthorized third party temporarily accessed part of CareCloud Health and partially disrupted functionality and data access in one electronic health record environment before service was restored the same evening.
Intoxalock
March 14, 2026
•[ cyberattack, denial of service, DDoS ]
DataBreaches summarized local reporting that a cyberattack shut down Intoxalocks nationwide breathalyzer interlock system, preventing affected drivers from starting vehicles because server-side systems were down. Intoxalock stated hackers were flooding its servers to stop them from functioning. The outage affected device-related services such as installations, removals, calibrations, and account access across 46 states. The company stated user data was secure and did not disclose whether a ransom demand was made; no public claim of responsibility was noted at publication.
Perm parking payment system
March 9, 2026
•[ DDoS attack, service disruption, cyberattack ]
The Record reported that the Russian city of Perm restored its parking payment system after a cyberattack the prior week knocked the service offline for several days, temporarily making parking free. Local officials said the disruption was caused by a large-scale DDoS attack that overwhelmed the citys automated parking payment infrastructure. No data theft was described; the primary effect was service availability disruption.
Geo News
March 2, 2026
•[ cyberattack, broadcast hijacking, satellite hacking ]
Pakistan Observer reported Geo News said it suffered a sustained and sophisticated cyberattack over the prior 24 hours in which its transmission via Pakistans PakSat satellite was hacked. The channel said attackers breached the broadcast feed, caused repeated interruptions, and hijacked the screen to air unauthorized messages. Geo News stated it had no connection to the malicious content and was working to restore secure operations. The report focuses on disruption of broadcast integrity/availability rather than data theft.
Roskomnadzor
February 27, 2026
•[ DDoS attack, multi-vector attack, traffic scrubbing ]
A multi-vector DDoS attack targeted Roskomnadzor online resources. Traffic peaked at 33 Gbps and 36.9 million packets per second before malicious traffic was redirected to scrubbing servers and access was restored.
Greenland government-related websites (multiple)
February 20, 2026
•[ DDoS attack, hacktivism, service disruption ]
Greenland media reported that several Greenlandic websites were hit by DDoS attacks on February 20, 2026. Naalakkersuisut stated it was monitoring the situation and assessed that the attacks were not dangerous or harmful to data, but could disrupt availability for short periods. Separate reporting around the same incident attributed the DDoS activity to the pro-Russian hacktivist collective NoName057(16). The confirmed primary effect described is temporary service availability disruption rather than data theft.
Spain's Ministry of Science (Ministerio de Ciencia)
February 5, 2026
•[ cyberattack, data leak, IDOR vulnerability ]
Spains Ministry of Science partially shut down IT systems and suspended ongoing administrative procedures following what it called a technical incident, later reported by Spanish media as related to a cyberattack. A threat actor using the alias GordonFreeman claimed responsibility, posted samples, and offered allegedly stolen ministry data for sale. The attacker claimed an IDOR vulnerability enabled credential access and full admin-level access, but BleepingComputer noted it could not independently confirm all claims. The confirmed impact is significant service disruption for citizen/company-facing procedures, with credible indications of data compromise based on posted samples.
KSeF
February 1, 2026
•[ DDoS attack, service disruption, e-invoicing ]
Polish reporting quoted Finance and Economy Minister Andrzej Domaski stating that early access problems with the KSeF e-invoicing system were due in part to a DDoS attack against the login system, alongside heavy legitimate login attempts. The minister said the DDoS traffic came from 17 countries, which contributed to overload and user access difficulties, and that the situation was brought under control. The reporting does not describe data theft; the primary effect is temporary disruption/degradation of system accessibility due to external traffic flooding.
Delta (Russian Security and Alarm Services Company)
January 26, 2026
•[ cyberattack, service disruption, state-sponsored attack ]
A cyberattack attributed to a hostile foreign state disrupted Deltas alarm and vehicle services for thousands of users. No customer data compromise confirmed.
Local Government Services Portal (KOVTP)
January 22, 2026
•[ cyberattack, denial-of-service, service disruption ]
A Russian-language summary report stated that the portal for local government services (KOVTP) was subjected to a large-scale cyberattack that disrupted availability. The incident was presented as a service disruption affecting public access, consistent with an external denial-of-service scenario. The available summary did not provide exact downtime, traffic characteristics, or evidence of data theft, so the record is coded as disruptive with undetermined duration and scope details.
Viafier
January 22, 2026
•[ malware, data leak, unauthorized access ]
The Swiss rail operator Viafier Retica shut down its Vereina car-shuttle online ticket shop after discovering malware on the system. The organization stated that attackers likely accessed the web shop database, which may contain customer and employee contact details and hashed passwords. Users were advised to change passwords used on other services. The incident caused service disruption to online ticket sales while containment and investigation actions were undertaken.
Czech Public Procurement Portal
January 19, 2026
•[ DDoS attack, service disruption, cyberattack ]
Czech authorities reported that the countrys public procurement portal was taken out of service by hackers on Monday, January 19, 2026, in an incident described as a DDoS attack. The Ministry for Regional Development stated the portal was brought back online later that same day and the situation continued to be assessed. Officials emphasized that actual public procurement submissions are handled in a separate system that remained functional, limiting downstream operational disruption primarily to portal availability and access to related information services rather than halting procurement processes entirely.
public.lu
January 19, 2026
•[ DDoS attack, denial-of-service, service disruption ]
Luxembourgs state web domain public.lu experienced a DDoS attack that made several government websites unreachable for roughly forty minutes in the morning (approximately 7:588:39). The national IT center (CTIE) confirmed the incident and stated the disruption was a traffic-flooding denial-of-service event rather than an attempt to expose sensitive data. Impacted sites reported included guichet.lu, Legalux, and CTIEs own web presence; services later returned to normal.
Final Fantasy 14's European or Asian servers
January 6, 2026
•[ DDoS attack, service disruption, distributed denial-of-service ]
Reporting described sustained distributed denial-of-service (DDoS) attacks disrupting Final Fantasy XIVs North American servers during the launch window for a newly released savage raid tier. Players reported frequent disconnects and unstable service during peak playtimes, and community tracking cited repeated incidents throughout the day, including reports of around 15 disruptions in a single day. The disruptions affected progression and organized play and persisted over multiple days.
Libya Telecom & Technology Company
December 30, 2025
•[ DDoS, service disruption, network security ]
Libya Telecom & Technology Company (LTT) reported that its systems and network were subjected to ongoing distributed denial-of-service (DDoS) attacks starting December 30, 2025. The company stated it activated an emergency protocol immediately upon detection, contained the majority of the impact, and worked to ensure continuity of essential services while the incident response plan remained in effect and monitoring continued for further attempts.
Ubisoft
December 27, 2025
•[ data leak, service disruption ]
Ubisoft suffered a breach in which attackers accessed internal systems controlling the Rainbow Six Siege economy and moderation tools. Game services were globally disrupted, requiring rollback and shutdown of servers for nearly two days.
Arch Linux
December 25, 2025
•[ DDoS, service disruption ]
Arch Linuxs official website experienced a distributed denial-of-service attack that rendered the site inaccessible over IPv4 while remaining reachable via IPv6 as a mitigation measure.
