The second timeline of May is finally out confirming the decreasing trend (at least in terms of recorded events) that we have seen in the last few months. In fact, in this timeline I have collected 85 events, with an average rate of 5.32 events per day, which sets the minimum value for 2021. Unfortunately the “simple” number of breaches does not tell the whole story: the list of high-profile targets hit by ransomware especially continue to grow with disruptions that, unavoidably, cross the boundaries of cyber space.

Ransomware continues to dominate the threat landscape causing outages and disruptions worldwide (and yes, not even the pork meat is immune). In this timeline it has characterized, directly or indirectly one out of three events (precisely 34.12%). We are not at the same value of the previous timeline (around 45%), but the value remains high. And as I always point out, the real number could be even higher since too many organizations do not completely disclose the root cause of  unspecified outages or disruptions tracked as the outcome of a generic “cyber attack”.

The season of mega breaches continues with more and more records leaked. Omiai (Japan’s biggest dating app – 1.71 million users), DailyQuiz (13 million users) and most importantly, the Indonesian Social Security Administrator for Health (200 million records) are just few example.

Another trend that does not seem to slow down is the exploitation of vulnerabilities, which equally continues to characterize the threat landscape. And it does not matter whether the target is a remote access technology, or an application server or even a mobile phone: generic cyber criminals or state-sponsored actors continue to take the maximum advantage from this opportunity.

State-sponsored actors are always quite busy, they continue to exploit vulnerabilities, like UNC2630 or UNC2717, or even to shift their tactics, like Nobelium AKA APT29 or Cozy Bear. And curiously, even the Russian government revealed that foreign hackers had breached and stolen information from Russian federal executive bodies. Nobody is safe nowadays!

Expand for details

Enjoy the interactive timeline, and thanks for sharing it, and supporting my work in spreading the risk awareness across the community. Also, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.


The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

  • 2020 Cyber Attacks Statistics

    As promised, I have pulled together some statistics from the data collected in 2020. The master table is available at the end of the post after the charts.

  • 2021 Cyber Attacks Statistics

    And finally I have aggregated all the data collected in 2021 from the cyber attacks timelines. In the past year I have collected 2539 events, meaning...

  • November 2023 MotivationsNovember 2023 Cyber Attacks Statistics

    November 2023 saw a rise to 39 events, with Cyber Crime remaining dominant at 78.7%. Cyber Espionage increased to 9.7%, while Hacktivism fell to 5.4%. Malware was the leading attack technique at 42.1%, and Multiple Organizations were the most targeted at 17.7%.

  • Leaky Buckets: a List of Cloud Misconfigurations

    Cloud services are playing a crucial role to guarantee business continuity during this complicated period...

  • 2022 Cyber Attacks Statistics

    And finally I have aggregated all the data collected in 2022 from the cyber attacks timelines. In the past year I have collected 3074 events...


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.