The second timeline of May is finally out confirming the decreasing trend (at least in terms of recorded events) that we have seen in the last few months. In fact, in this timeline I have collected 85 events, with an average rate of 5.32 events per day, which sets the minimum value for 2021. Unfortunately the “simple” number of breaches does not tell the whole story: the list of high-profile targets hit by ransomware especially continue to grow with disruptions that, unavoidably, cross the boundaries of cyber space.

Ransomware continues to dominate the threat landscape causing outages and disruptions worldwide (and yes, not even the pork meat is immune). In this timeline it has characterized, directly or indirectly one out of three events (precisely 34.12%). We are not at the same value of the previous timeline (around 45%), but the value remains high. And as I always point out, the real number could be even higher since too many organizations do not completely disclose the root cause of  unspecified outages or disruptions tracked as the outcome of a generic “cyber attack”.

The season of mega breaches continues with more and more records leaked. Omiai (Japan’s biggest dating app – 1.71 million users), DailyQuiz (13 million users) and most importantly, the Indonesian Social Security Administrator for Health (200 million records) are just few example.

Another trend that does not seem to slow down is the exploitation of vulnerabilities, which equally continues to characterize the threat landscape. And it does not matter whether the target is a remote access technology, or an application server or even a mobile phone: generic cyber criminals or state-sponsored actors continue to take the maximum advantage from this opportunity.

State-sponsored actors are always quite busy, they continue to exploit vulnerabilities, like UNC2630 or UNC2717, or even to shift their tactics, like Nobelium AKA APT29 or Cozy Bear. And curiously, even the Russian government revealed that foreign hackers had breached and stolen information from Russian federal executive bodies. Nobody is safe nowadays!

Expand for details

Enjoy the interactive timeline, and thanks for sharing it, and supporting my work in spreading the risk awareness across the community. Also, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.


The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

  • photo of turned on laptop computer1-15 April 2024 Cyber Attacks Timeline

    In the first timeline of April 2024 I collected 107 events (7.13 events/day), as always characterized by a majority of malware attacks.

  • Photo by Markus Spiske on Unsplash16-31 August 2022 Cyber Attacks Timeline

    The growing trend of attacks continued also in the second half of August, where I collected...

  • Featured Image Q1 2024Q1 2024 Cyber Attacks Statistics

    I aggregated the statistics created from the cyber attacks timelines published in the first quarter of 2024. In this period, I collected a total of 833 events (9.15 events/day) dominated by Cyber Crime with 75.2%...

  • Image from Vic_B from Pixabay1-15 April 2022 Cyber Attacks Timeline

    After the peak of March (in the meantime I have added more records to the previous timeline bringing the total to 150), the level of activity continues to be...

  • 2023 Stats Featrured Image2024 Cyber Attacks Statistics

    In 2023, there was a 35% increase in cyber attacks to 4,128 events, with the MOVEit CVE-2023-34362 vulnerability being heavily exploited. Cybercrime dominated as the main motivation at 79%, while malware led attack techniques with 35.9%. Healthcare remained a top target for ransomware. The data ...


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.