Europe
European Commission
In one of the major cyber incidents, the European Commission is investigating a cyberattack that affected its cloud infrastructure and resulted in the theft of 350 GB of data from its Europa.eu portal.
The European Union’s executive arm was targeted again just months after a previous incident involving a mobile device management system. Reports indicate that the latest attack affected the Commission’s Amazon Web Services environment, which hosts the Europa.eu platform. The scale of the data theft has raised concerns about the potential impact on user-facing services.
Meanwhile, the cybercriminal group ShinyHunters claimed responsibility for the attack and shared screenshots allegedly showing employee data and access to an email server as proof of the breach.
SourceHow it could affect your business
These repeated attacks come at a time when the EU and UK are tightening cybersecurity regulations across sectors. Frameworks such as the EU’s NIS2 Directive and similar UK regulations require organizations to implement stronger risk management, incident reporting and supply chain security controls. In this environment, strengthening defenses is critical to remain compliant and resilient against evolving threats.
United States
Alamo Heights Independent School District
Alamo Heights Independent School District in Texas was locked out of internet access and Gmail services on Monday, March 23, disrupting operations across the district.
The district informed parents that a system disruption affected core services, including Wi-Fi and Gmail, across school buildings and offices. While the exact cause has not been confirmed, reports suggest the incident may be cyber-related rather than a routine connectivity issue.
According to the latest update, third-party forensic specialists are working with the district’s IT team to investigate and restore systems, with full recovery expected to take several days.
SourceHow it could affect your business
Cyberattacks continue to disrupt schools and universities, impacting learning environments and critical administrative operations. Educational institutions need stronger defenses, including proactive threat monitoring and well-tested backup and disaster recovery strategies to maintain continuity during such incidents.
United States
City of Moorhead
In another incident affecting public services, the city of Moorhead in Minnesota reported that one of its vendors experienced a cyberattack, raising concerns about potential exposure of employee and user data.
The city said that its Parks and Recreation registration provider, Sportsman Software, experienced an outage in late February through early March that has now been linked to a cyberattack. While the vendor stated that no customer credit card data was exposed, an investigation is ongoing to determine whether personal customer or employee information was compromised.
City officials noted that no city-controlled systems were affected. At present, the potential exposure appears limited to certain images and documents stored in the vendor’s system, with further investigation underway to identify impacted individuals.
SourceHow it could affect your business
Third-party breaches are increasingly used as an entry point to compromise public institutions and access sensitive citizen data. To reduce risk, organizations should enforce strict vendor security requirements, limit third-party access to only necessary systems and continuously monitor integrations to detect suspicious activity early.
United States
QualDerm Partners
In a major health care breach, health care management services provider QualDerm Partners is notifying more than 3.1 million individuals that their personal, medical and health insurance information was exposed in a December 2025 data breach.
The dermatology services provider discovered the incident on December 24, when unauthorized access to its network occurred over a two-day period. During that time, threat actors accessed a limited number of systems and extracted certain sensitive data stored within them.
The compromised information includes names, addresses, dates of birth, email addresses, medical record numbers, physician names, treatment and diagnosis details, health insurance information, dates of death and, in some cases, government-issued ID data. QualDerm stated that its investigation is ongoing and that affected individuals identified so far are being notified.
SourceHow it could affect your business
Exposing data at this scale creates significant opportunities for spear-phishing and social engineering campaigns. Attackers can use detailed medical and personal information to craft highly convincing messages. Organizations should strengthen user awareness to help individuals recognize suspicious outreach, while also implementing tighter access controls, continuous monitoring and clear incident response plans to limit further exploitation.
Europe
IBB Institut für Bildung und Beratung
The ransomware group Qilin claimed responsibility for a cyberattack targeting IBB Institut für Bildung und Beratung, a leading educational institution in Austria.
IBB Institut für Bildung und Beratung is a family-run German education provider offering school programs, vocational training and professional development courses. The incident, discovered on March 28, reportedly puts student records, staff payroll data and family contact information at risk.
SourceHow it could affect your business
A data leak of this nature can quickly lead to targeted phishing campaigns, including fake emails or messages posing as educational updates or account notifications. Users should verify the authenticity of any communication through official channels before responding or sharing sensitive information, as attackers often rely on urgency and familiarity to trick recipients.
