The second timeline of May is finally out confirming the decreasing trend (at least in terms of recorded events) that we have seen in the last few months. In fact, in this timeline I have collected 85 events, with an average rate of 5.32 events per day, which sets the minimum value for 2021. Unfortunately the “simple” number of breaches does not tell the whole story: the list of high-profile targets hit by ransomware especially continue to grow with disruptions that, unavoidably, cross the boundaries of cyber space.

Ransomware continues to dominate the threat landscape causing outages and disruptions worldwide (and yes, not even the pork meat is immune). In this timeline it has characterized, directly or indirectly one out of three events (precisely 34.12%). We are not at the same value of the previous timeline (around 45%), but the value remains high. And as I always point out, the real number could be even higher since too many organizations do not completely disclose the root cause of  unspecified outages or disruptions tracked as the outcome of a generic “cyber attack”.

The season of mega breaches continues with more and more records leaked. Omiai (Japan’s biggest dating app – 1.71 million users), DailyQuiz (13 million users) and most importantly, the Indonesian Social Security Administrator for Health (200 million records) are just few example.

Another trend that does not seem to slow down is the exploitation of vulnerabilities, which equally continues to characterize the threat landscape. And it does not matter whether the target is a remote access technology, or an application server or even a mobile phone: generic cyber criminals or state-sponsored actors continue to take the maximum advantage from this opportunity.

State-sponsored actors are always quite busy, they continue to exploit vulnerabilities, like UNC2630 or UNC2717, or even to shift their tactics, like Nobelium AKA APT29 or Cozy Bear. And curiously, even the Russian government revealed that foreign hackers had breached and stolen information from Russian federal executive bodies. Nobody is safe nowadays!

Expand for details

Enjoy the interactive timeline, and thanks for sharing it, and supporting my work in spreading the risk awareness across the community. Also, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.


The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

  • Q2 2021 Cyber Attack Statistics

    I have aggregated the statistics created from the cyber attacks timelines published in the second quarter of 2021...

  • 16-30 June 2021 Cyber Attacks Timeline

    The second cyber attacks timeline of June is finally out, where I have collected 102 events, a number that shows a slight decrease compared to...

  • 2020 Cyber Attacks Statistics

    As promised, I have pulled together some statistics from the data collected in 2020. The master table is available at the end of the post after the charts.

  • June 2021 Cyber Attacks Statistics

    Yesterday I have published the Cyber Attacks Timelines of June (part I and part II), so now I can finally publish the statistics. In June I have collected 211 significant events...

  • The Biggest Data Breaches of 2021

    With this new project I am going to track the biggest data breaches of 2021 extracted from my cyber attack timelines.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.