Cyber Incident Victim: Tageblatt

On the evening of Monday, 16 June 2025, the website of the Luxembourgish newspaper Tageblatt came under a distributed denial-of-service (DDoS) attack, as confirmed by the publication itself in an update posted at 17:38 UTC and revised at 17:52 UTC on 18 June 2025. The attack involves overwhelming the newspaper's servers with a massive volume of requests originating from numerous different countries, a classic tactic designed to exhaust server resources and render the site inaccessible to legitimate users. The Tageblatt's technology team is actively engaged in responding to this incident, working to mitigate the attack's effects and restore normal service. However, due to the sustained nature of the offensive, readers and visitors are currently experiencing intermittent or complete unavailability of the Tageblatt.lu website. The publication explicitly stated that such service disruptions are a direct and ongoing consequence of the hacker assault, which began late on Monday and persisted into the following days. The editorial team communicated this situation transparently to its audience, acknowledging the technical difficulties while expressing hope for a swift resolution. This incident represents a significant operational disruption, directly impacting the newspaper's primary digital platform for news distribution and reader engagement. The attack's distributed origin from multiple countries complicates defensive efforts, as traffic must be filtered to distinguish malicious requests from legitimate user access. The Tageblatt's public statement serves as both an incident notification and a status update, indicating that the situation remains dynamic and under active technical management as of the last report.

This DDoS attack is not an isolated event in the recent history of the Tageblatt; the publication explicitly notes it is "not zum ersten Mal im Visier von Hackern" (not for the first time in the sights of hackers). The article references a previous, large-scale cyber incident that occurred in March 2025, during which a group of cybercriminals, claiming affiliation with pro-Russian activists, launched attacks against state infrastructure. Within that broader campaign, the hackers specifically targeted the Tageblatt's website. The stated motive for targeting the newspaper, as reported by Tageblatt, was that the editorial staff had shown "keinen Respekt" (no respect) towards the attackers. This prior context establishes a pattern of the newspaper being deliberately selected for retaliation based on its editorial content or perceived stance. The current June attack, while described in the present tense without a claimed motive at the time of writing, occurs against this backdrop of previous politically-tinged cyber aggression. The March incident involved a "groß angelegten Angriff" (large-scale attack) on state systems, suggesting the perpetrators had capabilities beyond a simple DDoS and were pursuing broader disruptive goals. The Tageblatt's inclusion in that earlier attack was presented as a punitive measure for its journalism. Therefore, the ongoing DDoS attack in June continues a trend of the publication facing digital assaults that appear linked to its published content and the reactions it provokes from extremist or activist factions. The newspaper's response in both instances has been to publicly acknowledge the attack, attribute it to hackers, and detail the technical impact on its services, while its technology team works to maintain operations under duress.