The second timeline of January 2022 is out, bringing 99 events (corresponding to an average of 6.19 events/day), an 11% increase compared with the 88 events of the first timeline.

The novelty is that, despite ransomware continues to dominate the threat landscape, its impact dropped to 15.1% (corresponding to 15 out of 99 events directly or indirectly characterized by this threat) from 30% of the previous fortnight. Instead, what seems clear, is that the exploitation of vulnerabilities of any kind continues relentless, characterizing 15 out of 99 events, or in terms of percentage, 15.1% of events that is more than double than 7.1% of the previous period.

Another trend that is characterizing this initial part of the new year is the return of the massive hack against organizations in the fintech space. Qubit Finance and have suffered two massive attacks causing the loss of respectively $80 and $34 million worth. Similarly a bug in the Multichain protocol has been routinely exploited, totaling the equivalent of $1.5 million to the attackers.

And the new season of mega breaches has also begun: OpenSubtitles has joined the list, having been hit by a massive breach causing the compromise of 6.7 million accounts.

The cyber espionage front is naturally very rich, with multiple campaigns by well-known threat actors such as APT27 (AKA Emissary Panda), APT28 (AKA Fancy Bear), APT29 (AKA Cozy Bear), APT41 (AKA Winnti), APT-C-35 (AKA Donot Team), without considering the growing numbers of Individuals and governments that discovered or revealed to have been spied via the infamous Pegasus spyware.

Expand for details

Enjoy the interactive timeline, and thanks for sharing it, and supporting my work in spreading the risk awareness across the community. Also, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.



The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

  • Photo by Towfiqu barbhuiya on UnsplashThe Biggest Data Breaches of 2023

    Similarly to what I have done in 2022 and 2021, I am collecting the main mega breaches...

  • Q2 2023 Cyber Attacks Statistics

    I have aggregated the statistics created from the cyber attacks timelines published in the second quarter of 2023. In total I have collected 1040 events...

  • July 2023 Cyber Attacks Statistics

    After the cyber attacks timelines, it’s time to publish the statistics of June 2023 where I have collected and analyzed 384 events, yet another record number driven...

  • Image by Dee from Pixabay16-31 July 2023 Cyber Attacks Timeline

    New victims of attacks carried out by the Clop (AKA Cl0p) ransomware gang exploiting the CVE-2023-34362 MOVEit vulnerability emerged even during...

  • The Biggest Data Breaches of 2021

    With this new project I am going to track the biggest data breaches of 2021 extracted from my cyber attack timelines.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.