Data RoomsMajor Cyber Incidents

Major Cyber Incidents

EuRepoC Global Database Politically motivated operations EU member states & partners

A continuously maintained record of the most consequential cyber operations against EU member states and partners, alongside the institutional responses they triggered.

4533 incidents tracked · 0 editorial briefings · 1362 responses logged · Maintained by EuRepoC research analysts · Updated 05 Jun 2026 About the room
10pct
Low
Monthly Volume RankJun 2026 · 0 incidents · smoothed 29.0
Recent activity — monthly last 18 months · ≈898 coded operations
Bar height shows how many incidents occurred that month; colour shows the global volume rank. Responses are shown below the line. The last twelve months are still receiving incidents — the striped extension and whisker on top of each bar show the Bayesian nowcast with its 90% credible interval (uncertainty collapses as months mature). Click a month to anchor the data below.
Avg intensity Low Elevated High Severe Responses
Live · monthly volume rank vs. 2022+ history
1pct
Low

Europe

−29%
0 incidents · Top: Critical infrastructure · 44 countries
1pct
Low

Asia

−27%
0 incidents · Top: Critical infrastructure · 48 countries
46pct
Moderate

Africa

−14%
0 incidents · Top: State institutions / political system · 54 countries
23pct
Low

Americas

−17%
0 incidents · Top: Critical infrastructure · 35 countries
31pct
Moderate

Oceania

−14%
0 incidents · Top: Critical infrastructure · 14 countries
21pct
Low

MENA

−25%
0 incidents · Top: Critical infrastructure · 22 countries

Publications

1 of 0
Editorial briefings

All incidents

4406 incidents · 808 responses · Live
Most recent first
01 Dec2026
Iranian State-Sponsored RedKitten Conducting Phishing Attacks On Individuals In The United Kingdom and Elsewhere in Ongoing Campaign since December 2025 to at least 29 January 20263.0
incident_id · 5259
United Kingdom · Iran, Islamic Republic of · Iranian Revolutionary Guard CorpsData theft
6 mo
01 Jun2026
Operational · across domains
The Policía Nacional and the Juzgado de Instrucción 22 of Madrid (ESP) Arrested and Prosecuted a Suspect for Mass Doxing of Strategic State Institution Members on 1 June 2026
Spanish National Police
31 May2026
Iranian State-Sponsored Hacking Group Handala Breached Holocaust Victim Support Centre in Israel on 31 May 2026unscored
incident_id · 5587
Israel · Iran, Islamic Republic of · Handala/Handala Group/Handala Hack/ Handala Hack Team/Hatef/Hamsa (MOIS)Data theft
28 May2026
Operational · in-kind
Netherlands National Cyber Security Centre and Police Conducted a Joint Operation to Take Down Large Bot Network on 28 May 2026
Netherlands’ National Cyber Security Centre
25 May2026
Unknown Threat Actors Launched DDoS Attacks On Nigeria Data Protection Commission’s Service Portal In Nigeria Between 25 and 31 May 2026unscored
incident_id · 5590
Nigeria · Not attributedDisruption
24 May2026
Unknown Threat Actor Hijacked Tunisian Telecom Operator and Sent Political Message to Customers in Tunisia on 23 May 2026unscored
incident_id · 5573
Tunisia · UnknownHijacking
Unattributed Hackers Compromised Chelan County Government Networks in United States on 24 May 2026unscored
incident_id · 5575
United States · Not attributedHijacking
23 May2026
A Threat Actor With The Alias Korenvy Breached Website Of Tierra Del Fuego Legislature In Argentina On 23 May 2026unscored
incident_id · 5580
Argentina · Unknown · KorenvyDisruption
22 May2026
Unidentified Perpetrators Breached French Payment Provider Almerys On 22 May 20262.0
incident_id · 5570
France · Not attributedData theft
Operational · across domains
Lithuania’s General Prosecutor’s Office Launched Investigation Into Unauthorised Access to State Information Systems on 22 May 2026
Lithuanian Criminal Police Bureau
21 May2026
Unknown Threat Actor Compromised Northern Mariana Islands Government Email Accounts in United States on 21 May 2026unscored
incident_id · 5565
Northern Mariana Islands · Not attributedHijacking
Operational · in-kind
[AI] Eurojust Coordinated Investigation Shuts Down Criminal VPN Network

About the room

This data room is a continuously maintained record of the cyber operations EuRepoC codes as major — those of demonstrable political, economic, or infrastructural consequence to the European Union and its partners — alongside the institutional responses they provoke. Incidents with a full analytical write-up appear as briefings; every other coded operation is listed as a structured record.

Responses are tracked as first-class entities: advisories, formal attributions, indictments, and sanctions are dated and sourced back to the EuRepoC dataset.

How Cyber Intensity is calculated What makes an incident "major" Browse the full EuRepoC database Coding methodology & sources
EuRepoC Global Database — Updated 05 Jun 2026.