Infoniqa
August 15, 2025
•[ cyberattack, service disruption, IT security incident ]
Heise reported that Infoniqa, a provider of payroll and HR software services, suffered an IT security incident described as a cyberattack that disrupted services. The companys customer communications described technical restrictions and noted that the ONE Start Cloud service was not usable, with operational alternatives offered while investigations continued. Infoniqa stated that technical restrictions were resolved by Tuesday August 12, 2025, but reporting also included claims that at least some customers were unable to use services for more than a week. Infoniqa said external cybersecurity and forensic specialists were analyzing the incident and that it was not yet able to say whether any data was leaked.
F.C. Copenhagen live stream (Champions League vs Malmö FF)
August 12, 2025
•[ DDoS attack, service disruption, cyber attack ]
F.C. Copenhagens Champions League stream was disrupted on August 12, 2025, by a large-scale DDoS attack that flooded its login system with traffic equal to six months usage in one hour. Fans were unable to access the match for 28 minutes until an alternate stream was activated. No data was stolen or encrypted.
Undisclosed Canadian electric utility
July 29, 2025
•[ cyberattack, service disruption, critical infrastructure ]
Canadian utility reported a cyberattack that disrupted smart/power meters and required onsite remediation to restore accurate billing and service.
City of Saint Paul, Minnesota
July 25, 2025
•[ cyberattack, government, service disruption ]
A cyberattack on Saint Paul led to widespread service disruptions; Minnesota activated the National Guard to support response and recovery.
Polish Air Navigation Services Agency (PANSA)
July 25, 2025
•[ cyberattack, sabotage, service disruption ]
Polish authorities opened an investigation into potential sabotage affecting air traffic control systems; disruptions triggered review of cyber causes.
Orange
July 25, 2025
•[ data breach, service disruption ]
Orange detected a breach of one information system on July 25; isolating affected services caused disruptions for some business and consumer services in France. Company reports no evidence of data exfiltration as of reporting.
iiko
July 17, 2025
•[ ddos, service disruption ]
Massive DDoS attack targeted iikos data center, disrupting restaurant software operations and internal processes; company reported ongoing mitigation efforts and confirmed no customer data compromised
Orion Telekom
June 13, 2025
•[ ddos, service disruption ]
Russian internet provider Orion Telekom reported repelling a DDoS attack without data loss; temporary service interruptions were observed.
Multiple Thai government and news websites
June 9, 2025
•[ DDoS, hacktivism, service disruption ]
Cambodian hacktivist collective AnonSecKh launched DDoS attacks on June 9 2025 against Thai government and media websites hosted on common public-sector servers; traffic floods disrupted access to more than 20 sites for about two days before mitigation by ThaiCERT; no data theft or defacement reported.
Rosselkhoznadzor – Mercury (VetIS) platform
June 1, 2025
•[ service disruption, supply chain attack, government ]
Cyberattack took Russias Mercury (VetIS) animal-product certification platform offline, forcing paper certificates and disrupting dairy supply chains; major retailers (e.g., Lenta, Yandex Lavka, Miratorg) reported interruptions; restoration ongoing; no attribution.
Department of Justice of Puerto Rico
May 30, 2025
•[ service disruption ]
Cyberattack led PR DOJ and PRITS to suspend SIJC-PR services (including criminal record certificates) while containing the incident; officials reported no compromise of private data and gave no details on encryption or exfiltration.
çõрýð ÿøÑÂтð
May 30, 2025
•[ DDoS, service disruption, cyber attack ]
Bulgarian outlets reported a DDoS that attempted to take down the crash-map site created by 18-year-old Martin Atanasov; the hosting firm confirmed a mass attack and service impact before restoration.
ASVT
May 27, 2025
•[ ddos, hacktivism, service disruption ]
Major DDoS on Russian ISP ASVT disrupted internet for tens of thousands in Moscow; ASVT attributed the attack to the pro-Kyiv IT Army.
Federal Tax Service
May 20, 2025
•[ ddos, service disruption ]
Access to several major Russian state services was disrupted in a DDoS attack reported as originating from abroad; outage trackers showed issues across tax and digital key/document services.
SBIS corporate accounting service
May 20, 2025
•[ ddos, service disruption ]
BFM reported a mass foreign DDoS on SBIS on May 20 causing widespread service issues across websites and mobile apps before mitigation.
Swish
May 15, 2025
•[ ddos, service disruption ]
Swedens Swish payment service experienced a DDoS on the evening of May 15, causing widespread payment problems for under an hour before normal operations resumed; no intrusion or data compromise reported.
State of Alabama
May 13, 2025
•[ service disruption, government ]
Alabama announced a cybersecurity event and warned of possible website or service disruptions. Subsequent updates indicated limited impact with no specific primary effect confirmed.
Central Coalfields Limited
May 13, 2025
•[ website defacement, service disruption ]
Indian media reported a breach at Coal India subsidiary CCL with a defacement message left on the official site and disruption while systems were secured. Officials worked to restore functionality.
South African Airways
May 7, 2025
•[ cyberattack, service disruption ]
SAA reported a cyberattack that temporarily disrupted its website, mobile app, and multiple internal operational systems; containment actions minimized impact on core flight operations.
Dutch public & private organizations
May 1, 2025
•[ ddos, hacktivism, service disruption ]
Russia-aligned hacktivists launched large-scale DDoS causing service disruptions at Dutch public/private orgs; NCSC acknowledged incidents; no internal compromise reported.
