1-15 September 2022 Cyber Attacks Timeline

EVENTS

EVENTS/DAY

EVENTS

EVENTS/DAY

September confirmed the high level of activity in the cyber space. Despite the number of recorded events registered a light decrease, the overall amount continues to be quite high as shown in the 12 months trend chart.

As also quite high continues to be the impact of ransomware, stable at 27.7% (38 out of 137 events), a value substantially in line with the one experienced in the second half of August (27.2%). On the other hand, the impact of vulnerabilities played a role in the 10.9% of events, (15 out of 137 events) with a sharp increase compared to 6.9% of the previous timeline.

1-15 August 2023 Cyber Attacks Timeline

In the first timeline of August, I collected 169 events (corresponding to 11.27 events per day), a considerable decrease compared to the the second half of July…

Unfortunately the hacks against fintech platform only experienced a break during the Summer, with three new organizations hit by attackers able to steal the equivalent of nearly $2M in cryptovalues.

The number of operations in cyber space linked to the conflict in Ukraine continue to decrease, however the Anonymous collective hit the headlines thanks to an alleged cyber attack that spread havoc in the Yandex Taxi app, creating a massive jam in Moscow. On the other hand the Gamaredon group continued to target entities in Ukraine, and interestingly threat actors from the infamous ransomware group Conti repurposed their malicious intentions against Ukraine in a new threat actor dubbed UAC-0098.

And unsurprisingly, the cyber espionage front is always rich of events with old acquaintances, such as the North Korean Lazarus Group, and the Iranian Charming Kitten, but also newcomers, such as Worok.

As usual the list is too long to be summarized in few words (this one in particular), so my suggestion is to enjoy the interactive timeline and the tabular format, and obviously thanks for sharing it, and supporting my work in spreading the risk awareness across the community. As always, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.

Expand for details

Geo Map September H1 2022

ID	Date Reported	Date Occurred	Date Discovered	Author	Target	Description	Attack	Target Class	Attack Class	Country	Link	Tags
1	01/09/2022	15/08/2022	15/08/2022	Hive	Damart	Damart, a French clothing company with over 130 stores across the world, is being extorted for $2 million after a cyberattack from the Hive ransomware gang.	Malware	Manufacturing	CC	FR		Damart, Hive, Ransomware
2	01/09/2022	22/07/2022	-	?	Instagram users	Researchers from Vade discover a new Instagram phishing campaign, attempting to scam users of the popular social media platform by luring them with a blue-badge offer.	Account Takeover	Individual	CC	>1		Vade, Instagram
3	01/09/2022	-	-	?	Cyber Criminals using the Prynt Stealer malware	Researchers from Zscaler reveal that the Prynt Stealer malware is infected with a backdoor that allows the malware developer to receive a copy of the stolen information over Telegram.	Malware	Other service activities	CC	N/A		Zscaler, Prynt Stealer Telegram.
4	01/09/2022	-	-	CodeRAT	Farsi-speaking software developers	Researchers from SafeBreach Labs uncover CodeRAT, a new Remote Access Trojan (RAT), which appears to originate from Iran, and is targeting Farsi-speaking software developers.	Malware	Individual	CC	IR		SafeBreach Labs, CodeRAT, Iran
5	01/09/2022	Since at least 26/08/2022	-	?	Vulnerable e-commerce sites	Researchers from Cyble discover a new, highly evasive JavaScript skimmer used by Magecart threat actors.	Malicious Script Injection	Wholesale and retail	CC	>1		Cyble, Magento, Magecart
6	01/09/2022	End of July 2022	End of July 2022	?	Large international nonprofit agency	Researchers from Armorblox discover a new phishing campaign aimed at American Express customers.	Account Takeover	Extraterritorial orgs and bodies	CC	N/A		Armorblox, American Express
7	01/09/2022	06/12/2021	06/12/2021	?	Radiant Logistics	Radiant Logistics discloses to have suffered a ransomware attack.	Malware	Transportation and storage	CC	US		Radiant Logistics, ransomware
8	01/09/2022	05/08/2022	10/08/2022	?	Legacy Supply Chain Services	Legacy Supply Chain Services confirms that the company experienced a data breach after an unauthorized party gained access to sensitive consumer data contained on its network.	Unknown	Transportation and storage	CC	US		Legacy Supply Chain Services
9	01/09/2022	-	-	REvil	Midea Group	The REvil ransomware group claims to have breached Midea Group, a major Chinese electrical appliance manufacturer.	Malware	Manufacturing	CC	CN		REvil, ransomware, Midea Group
10	01/09/2022	During June 2022	-	?	Tulsa Tech	Tulsa Tech reveals that someone stole data belonging to students who were enrolled in its classes between 1986 and 1999.	Unknown	Education	CC	US		Tulsa Tech
11	01/09/2022	'Recently'	'Recently'	DarkAngels	Linux systems	Researchers from Uptycs discover a new ransomware (likely a variant of the DarkAngels ransomware) targeting Linx systems.	Malware	Multiple Industries	CC	>1		Uptycs, DarkAngels, ransomware, Linux
12	01/09/2022	24/04/2022	01/09/2022	LockBit 3.0	Costa Rica’s Junta De Proteccion Social	Costa Rica’s Junta De Proteccion Social is added to LockBit 3.0’s leak site, with the ransomware gang claiming to have about 7.8 GB of information.	Malware	Public admin and defence, social security	CC	CR		Costa Rica, Junta De Proteccion Social, LockBit 3.0’s, ransomware
13	01/09/2022	-	-	Bjorka	Undisclosed organization	An unknown attacker named Bjorka leaks the SIM data of 1.3 billion SIM numbers in Indonesia.	Unknown	Information and communication	CC	ID		Bjorka, Indonesia
14	02/09/2022	01/09/2022	01/09/2022	Anonymous	Yandex Taxi	The Anonymous announce to have hacked the Yandex Taxi app, the largest taxi service in Russia, and used it to cause a massive traffic jam in Moscow. The threat actors ordered all available taxis to a particular address.	Unknown	Transportation and storage	H	RU		Anonymous, Yandex Taxi
15	02/09/2022	End of July 2022	04/08/2022	?	Samsung	Samsung confirms a new data breach after some of its U.S. systems were hacked to steal customer data.	Unknown	Manufacturing	CC	US		Samsung
16	02/09/2022	-	-	?	Undisclosed organization(s)	Google releases Chrome 105.0.5195.102 for Windows, Mac, and Linux users to fix CVE-2022-3075, a vulnerability exploited in the wild.	CVE-2022-3075 Vulnerability	Unknown	N/A	N/A		Google, Chrome 105.0.5195.102, CVE-2022-3075
17	02/09/2022	Since at least 16/08/2022	16/08/2022	SharkBot	Banking users in Android	Researchers from Fox IT discover a new and upgraded version of the SharkBot malware, returned to Google's Play Store, and targeting banking logins of Android users through apps that have tens of thousands of installations ("Mister Phone Cleaner” and “Kylhavy Mobile Security")	Malware	Finance and insurance	CC	AT AU DE ES PL US		Fox IT, SharkBot, Google's Play Store, Android, Mister Phone Cleaner, Kylhavy Mobile Security
18	02/09/2022	02/09/2022	02/09/2022	?	Bardstown Connect	A ransomware attack takes down Bardstown Connect, the municipal ISP of the city of Bardstown.	Malware	Information and communication	CC	US		Bardstown Connect, ransomware
19	02/09/2022	Since August 2022	During August 2022	?	Italian energy operators	The Italian National Cyber Security Agency warns that attacks on Italian energy operators and infrastructure are increasing after the ones to ENI and GSE.	Unknown	Electricity, gas steam, air conditioning	CC	IT		Italy, National Cyber Security Agency, ENI, GSE
20	02/09/2022	17/12/2021	24/12/2021	?	Radiology Ltd	Radiology Ltd discloses a security breach.	Unknown	Professional, scientific and technical	CC	US		Radiology Ltd
21	02/09/2022	17/12/2021	24/12/2021	?	Gateway Diagnostics Imaging	Gateway Diagnostics Imaging discloses a security breach.	Unknown	Professional, scientific and technical	CC	US		Gateway Diagnostics Imaging
22	02/09/2022	04/07/2022	-	?	Reiter Affiliated Companies	Reiter Affiliated Companies reports a data breach with the U.S. Department of Health and Human Services Office for Civil Rights after sensitive consumer information entrusted to the company was accessed by an unauthorized party.	Unknown	Accommodation and food service	CC	US		Reiter Affiliated Companies
23	02/09/2022	Between 19/01/2022 and 11/04/2022	11/04/2022	?	Genesis Health Care	Genesis Health Care reports a data breach after the company discovered that an unauthorized party had access to its computer system for a period of nearly three months.	Unknown	Human health and social work	CC	US		Genesis Health Care
24	02/09/2022	11/07/2022	11/07/2022	?	Physicians’ Spine and Rehabilitation Specialists of Georgia	The Physicians’ Spine and Rehabilitation Specialists of Georgia confirms that the company experienced a data breach after an unauthorized party gained access to sensitive consumer data through what appears to be a ransomware attack.	Malware	Human health and social work	CC	US		Physicians’ Spine and Rehabilitation Specialists of Georgia, ransomware
25	02/09/2022	-	23/06/2022	?	CBC Group (CBC)	CBC Group (CBC) reports a data breach resulting in the names, Social Security numbers, driver’s licenses or government identification card numbers, financial account numbers, and passport numbers of certain individuals being compromised.	Unknown	Wholesale and retail	CC	US		CBC Group, CBC
26	02/09/2022	-	-	Zanubis	Peruvian banks and social media applications	Researchers from Cyble discover a new Android banking trojan, dubbed Zanubis, targeting Peruvian banks and social media applications.	Malware	Finance and insurance	CC	PE		Cyble, Zanubis
27	02/09/2022	-	-	DESORDEN	Boga Group	Hackers known as DESORDEN hit BOGA Group, which operates more than 200 restaurants and outlets across Indonesia and Malaysia, and acquire more than 400,000 customer records and 16,000 employee records.	Unknown	Accommodation and food service	CC	ID		DESORDEN, Boga Group
28	02/09/2022	31/08/2022	19/08/2022	Hive	NCG Medical	NCG Medical is hit with a Hive ransomware attack.	Malware	Human health and social work	CC	US		NCG Medical, Hive, ransomware
29	02/09/2022	-	-	Two individuals	Rug Pull Finder	Two individuals steal 450 NFTs from Rug Pull Finder, a security company that offers smart contract audits to blockchain companies.	Vulnerability	Fintech	CC	N/A		Rug Pull Finder
30	02/09/2022	Between17/12/2021 and 24/12/2021	24/12/2021	?	Buffalo MRI	Buffalo MRI files an official report with the Attorney General of Montana confirming that the company experienced a data breach after an unauthorized party obtained access to sensitive consumer information stored on the company’s computer network.	Unknown	Human health and social work	CC	US		Buffalo MRI, Windsong Radiology
31	03/09/2022	-	02/09/2022	AgainstTheWest	Unknown organization	A group known as 'AgainstTheWest' claims to have breached both TikTok and WeChat, sharing screenshots of an alleged database belonging to the companies, which they say was accessed on an Alibaba cloud instance containing data for both TikTok and WeChat users.	Unknown	Unknown	CC	N/A		AgainstTheWest, TikTok, WeChat
32	03/09/2022	03/09/2022	03/09/2022	DeadBolt	QNAP users	QNAP warns customers of ongoing DeadBolt ransomware attacks, exploiting a zero-day vulnerability in Photo Station.	0-day vulnerability	Multiple Industries	CC	>1		QNAP, DeadBolt, ransomware, Photo Station
33	03/09/2022	-	-	?	Individuals in Ukraine	The Cyber Department of the Ukrainian Security Service (SSU) dismantles two more bot farms, in the regions of Kyiv and Odesa, that spread Russian disinformation on social networks and messaging platforms via thousands of fake accounts.	Coordinated Inauthentic Behavior	Individual	CW	UA		Cyber Department of the Ukrainian Security Service, SSU, Kyiv, Odessa, Russia, Ukraine
34	03/09/2022	05/07/2022	04/08/2022	?	KeyBank	Attackers steal personal data including Social Security numbers, addresses and account numbers of home mortgage holders at KeyBank, after successfully breaching the insurance services provider Overby-Seawell.	Account Takeover	Finance and insurance	CC	US		KeyBank, Overby-Seawell
35	03/09/2022	-	-	RansomExx	National Fund for Educational Development (FNDE)	The RansomExx ransomware group leaks 62 TB of files from the National Fund for Educational Development (FNDE).	Malware	Public admin and defence, social security	CC	BR		RansomExx, ransomware, National Fund for Educational Development, FNDE
36	03/09/2022	-	-	Kelvin Security	Undisclosed retailer	Kelvin Security puts on sale a 310Gb archive containing the data of 10 million Italian Vodafone customers.	Unknown	Wholesale and retail	CC	IT		Kelvin Security, Vodafone
37	04/09/2022	-	-	GhostSec	Multiple organizations in Israel	Pro-Palestinian Hacking Group GhostSec claims to have compromised 55 Berghof programmable logic controllers (PLCs) used by Israeli organizations as part of a Free Palestine campaign.	Unknown	Electricity, gas steam, air conditioning	H	IL		Palestine, GhostSec, Berghof, Israel
38	04/09/2022	-	-	Hackers linked to Iran	Mossad chief David Barnea	Hackers linked to Iran publish personal photos and medical records of Mossad intelligence agency chief David Barnea, after accessing his wife phone.	Account Takeover	Individual	H	IL		Mossad, David Barnea, Iran
39	05/09/2022	-	-	?	Multiple organizations	Researchers from Resecurity discover EvilProxy (AKA Moloch), a new Phishing-as-a-Service (PaaS) platform able to steal authentication tokens to bypass multi-factor authentication (MFA) on Apple, Google, Facebook, Microsoft, Twitter, GitHub, GoDaddy, and even PyPI.	Account Takeover	Multiple Industries	CC	>1		Resecurity, EvilProxy, Moloch, Phishing-as-a-Service, PaaS, Apple, Google, Facebook, Microsoft, Twitter, GitHub, GoDaddy, PyPI
40	05/09/2022	Since at least 25/08/2022	-	China?	Uyghur Community in China	Researchers from Cyble discover a new Android malware used to spy on the Uyghur Community.	Targeted Attack	Individual	CE	CN		Cyble, Android, Uyghur
41	06/09/2022	04/09/2022	04/09/2022	Vice Society	Los Angeles Unified School District (LAUSD)	Los Angeles Unified School District (LAUSD), the second largest school district in the U.S., disclosed that a ransomware attack hit its Information Technology (IT) systems,	Malware	Education	CC	US		Los Angeles Unified School District, LAUSD, ransomware, Vice Society
42	06/09/2022	Since at least 2020	During February 2022	Worok	Targets from Africa and the Middle East	Researchers from ESET discover Worok, a newly discovered cyber-espionage group, hacking governments and high-profile companies in Asia since at least 2020 using a combination of custom and existing malicious tools.	Targeted Attack	Multiple Industries	CE	>1		Worok, ESET
43	06/09/2022	-	-	Shikitega	Endpoints and IoT devices running Linux	Researchers from AT&T discover Shikitega, a new stealthy Linux malware infecting computers and IoT devices with additional payloads.	Malware	Multiple Industries	CC	>1		AT&T, Shikitega, Linux
44	06/09/2022	05/09/2022	05/09/2022	Couple from Vietnam	InterContinental Hotels Group PLC (AKA IHG Hotels & Resorts)	Hospitality company InterContinental Hotels Group PLC (also known as IHG Hotels & Resorts) says its information technology (IT) systems have been disrupted after its network was breached. A couple from Vietnam claims responsibility for the attack.	Unknown	Accommodation and food service	CC	UK		InterContinental Hotels Group PLC, IHG Hotels & Resorts
45	06/09/2022		-	Vice Society	U.S. school districts	FBI, CISA, and MS-ISAC warn of U.S. school districts being increasingly targeted by the Vice Society ransomware group, with more attacks expected after the start of the new school year.	Malware	Education	CC	US		FBI, CISA, MS-ISAC, Vice Society, ransomware
46	06/09/2022		Since early August	Since early August	Vulnerable D-Link routers	Researchers from Palo Alto Networks reveal that the Mirai malware botnet variant known as ‘MooBot’ has re-emerged in a new attack wave that started early last month, targeting vulnerable D-Link routers with a mix of old and new exploits.	Malware	Multiple Industries	CC	>1		Palo Alto Networks, Mirai, MooBot, D-Link
47	06/09/2022	Since 2020	-	DangerousSavanna	Major financial institutions in Ivory Coast, Morocco, Cameroon, Senegal, and Togo	Researchers from Check Point reveal the details of DangerousSavanna, a malicious campaign targeting multiple major financial groups in French-speaking Africa.	Account Takeover	Finance and insurance	CC	CI CM MA SN TG		Check Point, DangerousSavanna
48	06/09/2022	05/09/2022	05/09/2022	?	Go-Ahead	Transportation group Go-Ahead shares a statement with the London Stock Exchange indicating “unauthorized activity” had been discovered on its network.	Unknown	Transportation and storage	CC	UK		Go-Ahead
49	06/09/2022	Since at least 2019	-	Evil Corp (aka TA505 or UNC2165)	More than 8,000 different organizations and individuals	Researchers from the Prodraft Threat Intelligence (PTI) reveal that the Evil Corp ransomware gang (aka TA505 or UNC2165) has used a new cyberattack panel called TeslaGun to carry out mass phishing campaigns and targeted campaigns against more than 8,000 different organizations and individuals. The majority of targets have been in the US, which accounted for more than 3,600 of the victims, with a scattered international distribution outside of that.	Account Takeover	Multiple Industries	CC	>1		Prodraft Threat Intelligence, PTI, Evil Corp, ransomware, TA505, UNC2165, Teslagun
50	06/09/2022	Since August 2022	During August 2022	Ares	Banking users	Researchers from Zscaler discover a new version of the Ares banking trojan that introduces a domain generation algorithm (DGA), which mirrors the Qakbot DGA	Malware	Finance and insurance	CC	>1		Ares, Zscaler
51	07/09/2022	Since April 2022	Since April 2022	UAC-0098	Ukrainian organizations, the Ukrainian government, and European humanitarian and non-profit organizations.	Researchers from Google Threat Analysis Group (TAG) says some former Conti cybercrime gang members, now part of a threat group tracked as UAC-0098, are targeting Ukrainian organizations and European non-governmental organizations (NGOs).	Targeted Attack	Public admin and defence, social security	CE	UA		Google TAG, Threat Analysis Group, Conti, UAC-0098, Russia, Ukraine
52	07/09/2022	-	-	?	Cobalt Strike servers operated by former members of the Conti ransomware gang	Someone is flooding Cobalt Strike servers operated by former members of the Conti ransomware gang with anti-Russian messages to disrupt their activity.	DDoS	Other service activities	H	N/A		Conti, Cobalt Strike, Russia, Ukraine
53	07/09/2022	Since 2015	During 2022	APT42	Over 30 organizations in 14 countries	Researchers from Mandiant reveal the details of APT42, a new Iranian state-sponsored hacking group using a custom Android malware to spy on targets of interest.	Targeted Attack	Multiple Industries	CE	>1		Mandiant, APT42
54	07/09/2022	26/07/2022	11/08/2022	?	The North Face	Outdoor apparel brand 'The North Face' is targeted in a large-scale credential stuffing attack resulting in the hacking of 194,905 accounts on the thenorthface.com website.	Credential Stuffing	Manufacturing	CC	US		The North Face, thenorthface.com
55	07/09/2022	-	-	DEV-0270 (AKA Nemesis Kitten)	Multiple organizations	Researchers from Microsoft reveal that an Iranian state-sponsored threat group tracked as DEV-0270 (aka Nemesis Kitten) has been abusing the BitLocker Windows feature in attacks to encrypt victims' systems.	Multiple vulnerabilities	Multiple Industries	CC	>1		Microsoft, Iran, DEV-0270, Nemesis Kitten, BitLocker, Windows, Ransomware
56	07/09/2022	Since at least end of August 2022	End of August 2022	Bumblebee	Multiple organizations	Researchers from Cyble discover a new version of the Bumblebee malware loader, featuring a new infection chain that uses the PowerSploit framework for stealthy reflective injection of a DLL payload into memory.	Malware	Multiple Industries	CC	>1		Cyble, Bumblebee, PowerSploit
57	07/09/2022	-	-	Russian attackers?	Canarbino	Canarbino is the third energy group in Italy to suffer a cyber attack allegedly carried out by Russian threat actors.	Unknown	Electricity, gas steam, air conditioning	CC	IT		Canarbino, Russia
58	07/09/2022	26/08/2022	06/09/2022	?	Vulnerable WordPress sites	Researchers from Defiant reveal that a recently resolved vulnerability in the BackupBuddy WordPress plugin (CVE-2022-31474) is being exploited in malicious attacks.	CVE-2022-31474 Vulnerability	Multiple Industries	CC	>1		Defiant, BackupBuddy, WordPress, CVE-2022-31474
59	07/09/2022	-	-	Killnet	Several companies and 20 websites across four government ministries in Japan	The Russia–affiliated group Killnet claims responsibility for a series of cyber–attacks against Japanese companies and 20 websites across four government ministries.	DDoS	Public admin and defence, social security	H	JP		Killnet, Russia
60	07/09/2022	During September 2022	During September 2022	Bjorka	General Elections Commission of Indonesia	A hacker under the moniker of Bjorka claims to have hacked the General Elections Commission of Indonesia and leaks the data of 105 million citizens.	Unknown	Public admin and defence, social security	CC	ID		Bjorka, General Elections Commission of Indonesia
61	07/09/2022	Since 20/08/2022	Since 20/08/2022	?	Multiple ransomware groups including LockBit, ALPHV (aka BlackCat), Quantum, LV, Hive, Everest, BianLian, Yanluowang, Snatch, and Lorenz.	Researchers from Cisco Talos reveal that multiple ransomware data leak sites experience DDoS attacks, facing intermittent outages and connectivity issues	DDoS	Other service activities	N/A	N/A		Ransomware, LockBit, ALPHV, BlackCat, Quantum, LV, Hive, Everest, BianLian, Yanluowang, Snatch, Lorenz, Cisco Talos
62	07/09/2022	-	-	BianLian	Alegria Family Services (AFS)	The BianLian ransomware group hits Alegria Family Services (AFS), a community services organization for adults with disabilities.	Malware	Human health and social work	CC	US		BianLian, ransomware, Alegria Family Services, AFS
63	07/09/2022	-	-	?	Municipality of Ourique	The municipality of Ourique discloses to have suffered a ransomware attack,	Malware	Public admin and defence, social security	CC	PT		Municipality of Ourique, ransomware
64	07/09/2022	-	-	?	Avalanche blockchain	An attacker steals at least $370,000 worth of USDC stablecoins from a smart contract on the Avalanche blockchain in a flash loan attack, affecting multiple liquidity providers.	Flash loan	Fintech	CC	N/A		Avalanche blockchain
65	08/09/2022	-	-	?	Portugal Estado-Maior-General das Forças Armadas AKA Armed Forces General Staff agency of Portugal (EMGFA)	The Armed Forces General Staff agency of Portugal (EMGFA) suffers a cyberattack that allegedly allowed the theft of classified NATO documents, which are now sold on the dark web.	Unknown	Public admin and defence, social security	CC	PT		Portugal Estado-Maior-General das Forças Armadas, Armed Forces General Staff agency of Portugal, EMGFA, NATO
66	08/09/2022	Between February and July 2022	-	Lazarus Group	Energy providers in the United States, Canada, and Japan.	Researchers from Cisco Talos discover a new campaign by the North Korean APT group 'Lazarus', exploiting VMWare Horizon servers vulnerabilities (Log4j) to access the corporate networks of energy providers in the United States, Canada, and Japan, via the custom malware families VSingle', 'YamaBot' and a previously unknown remote access trojan (RAT) named 'MagicRAT'.	Targeted Attack	Electricity, gas steam, air conditioning	CE	US CA JP		Cisco Talos, North Korea, Lazarus, VMWare Horizon, VSingle, YamaBot, MagicRAT
67	08/09/2022	Approximately two weeks before	03/09/2022	Avos Locker	Savannah College of Art and Design (SCAD)	Savannah College of Art and Design (SCAD) discloses to have suffered a ransomware attack.	Malware	Arts entertainment, recreation	CC	US		Savannah College of Art and Design, SCAD, ransomware, Avos Locker
68	08/09/2022	-	During June and July 2022,	BRONZE PRESIDENT	Government officials of several countries in Europe, the Middle East, and South America	Researchers from Secureworks reveal the details of the latest campaign by the Chinese threat actor BRONZE PRESIDENT using the PlugX malware.	Targeted Attack	Public admin and defence, social security	CE	>1		Secureworks, China, BRONZE PRESIDENT, PlugX
69	08/09/2022	-	-	?	Eurocell	Eurocell, a leading British PVC manufacturer, contacts current and former employees to inform them about a “substantial” data breach.	Unknown	Manufacturing	CC	UK		Eurocell
70	08/09/2022	-	-	?	DaVita	DaVita confirms that the company experienced a data breach after an unauthorized party accessed sensitive consumer data entrusted to the company.	Unknown	Human health and social work	CC	US		DaVita
71	08/09/2022	-	-	?	Wilson’s Gun Shop	Wilson’s Gun Shop confirms that the company experienced a data breach after an unauthorized party gained access to sensitive consumer information that was entrusted to the company.	Unknown	Manufacturing	CC	US		Wilson’s Gun Shop
72	08/09/2022	End of July 2022	End of July 2022	?	Undisclosed organization	Researchers from Avanan discover a phishing campaign spoofing their own brand.	Account Takeover	Unknown	CC	N/A		Avanan
73	08/09/2022	-	17/08/2022	Snatch Team	Stratford University	Stratford University is allegedly hacked by the Snatch Team ransomware group.	Malware	Education	CC	US		Stratford University, Snatch Team, ransomware
74	08/09/2022	-	-	?	Codelco	Attackers compromise the DB of COVID-19 tracking platform of the Codelco mining company and list it for sale on a popular forum. Almost 17,500 emails and more than 1,800 are from corporate users.	Unknown	Mining and quarrying	CC	CL		Codelco
75	08/09/2022	-	-	?	New Free DAO	An attacker steals $1.25 million worth of cryptocurrency from newly established decentralized finance protocol New Free DAO in a flash loan attack. The thief cashes out nearly half of the stolen funds so far.	Flash Loan	Fintech	CC	N/A		New Free DAO
76	08/09/2022	-	-	?	Teknozone	Teknozone, an e-commerce portal of electronics, has 75.000 records leaked on the infamous portal Breach Forums.	Unknown	Wholesale and retail	CC	IT		Teknozone, Breach Forums
77	08/09/2022	-	-	?	Thoro Bicycles	Thoro Bicycles, an e-commerce portal of cycling accessories, has 31.000 records leaked on the infamous portal Breach Forums.	Unknown	Wholesale and retail	CC	IT		Thoro Bicycles, Breach Forums
78	09/09/2022	Since at least end of August 2022	End of August 2022	Lampion	Portuguese and Spanish-speaking banking users	Researchers from Cofense discover a new campaign of the Lampion malware, abusing WeTransfer.	Malware	Finance and insurance	CC	>1		Cofense, Lampion, WeTransfer
79	09/09/2022	Between 5/11/2021 and 05/04/2022.	12/07/2022	?	U-Haul International (U-Haul)	Moving and storage giant U-Haul International (U-Haul) discloses a data breach after a customer contract search tool was hacked to access customers' names and driver's license information.	Account Takeover	Transportation and storage	CC	US		U-Haul International, U-Haul
80	09/09/2022	Since 26/05/2022	14/07/2022	Hive	Empress EMS (Emergency Medical Services)	Empress EMS (Emergency Medical Services), a New York-based emergency response and ambulance service provider, discloses a data breach that exposed customer information after a Hive ransomware attack.	Malware	Human health and social work	CC	US		Empress EMS, Emergency Medical Services, Hive, Ransomware
81	09/09/2022	-	-	?	Henderson & Walton Women’s Center	The protected health information of 34,306 patients tied to the Henderson & Walton Women’s Center in Alabama is compromised during the hack of an employee email hack.	Account Takeover	Human health and social work	CC	US		Henderson & Walton Women’s Center
82	09/09/2022	-	20/04/2022	?	NorthStar Healthcare Consulting	The hack of an email account belonging to an employee of NorthStar Healthcare Consulting led to the possible access or theft of Georgia Medicaid information for 18,354 members.	Account Takeover	Professional, scientific and technical	CC	US		NorthStar Healthcare Consulting, Georgia Medicaid
83	09/09/2022	11/07/2022	12/07/2022	?	Lubbock Heart & Surgical Hospital	Lubbock Heart & Surgical Hospital files official notice of a data breach with the U.S. Department of Health and Human Services Office for Civil Rights following a data security incident that disrupted the hospital’s computer network.	Unknown	Human health and social work	CC	US		Lubbock Heart & Surgical Hospital
84	09/09/2022	-	-	?	One Medical	One Medical confirms that the company experienced a data breach after an unauthorized party gained access to sensitive consumer data that had been entrusted to the company.	Unknown	Human health and social work	CC	US		One Medical
85	09/09/2022	-	-	Chinese scammers	Individuals in India	Law enforcement agencies in India discover a network of Chinese scammers having reportedly stolen $529 million dollars from Indian residents using instant lending apps, lures of part-time jobs, and bogus cryptocurrency trading schemes.	Account Takeover	Individual	CC	IN		India, China
86	09/09/2022	-	-	LockBit 3.0	La Calera Agricola	La Calera Agricola is hit with a LockBit 3.0 ransomware attack.	Malware	Accommodation and food service	CC	PE		La Calera Agricola, LockBit 3.0, ransomware
87	10/09/2022	10/09/2022	10/09/2022	?	Parliamentary Assembly of Bosnia and Herzegovina	The servers of the Parliamentary Assembly of Bosnia and Herzegovina are taken down by an alleged ransomware attack.	Malware	Public admin and defence, social security	CC	BA		Parliamentary Assembly of Bosnia and Herzegovina, Ransomware
88	10/09/2022	10/09/2022	10/09/2022	Threat actors from Iran	Albanian Total Information Management System, or TIMS	A new cyber attack allegedly carried out by Iranian threat actors takes down the Total Information Management System.	Unknown	Public admin and defence, social security	CW	AL		Albania, Iran, Total Information Management System, TIMS
89	11/09/2022	11/09/2022	11/09/2022	hdr0	Several Russian channels, including Channel One Russia, Russia-24, and Russia-1	A group of pro-Ukrainian hackers named hdr0 take credit for breaching Russian TV channels and broadcasting anti-war messages comparing Russia’s attack on Ukraine to the September 11 terrorist attacks in New York.	Unknown	Information and communication	H	RU		Russia, Ukraine, hdr0, Channel One Russia, Russia-24, Russia-1
90	11/09/2022	01/09/2022	01/09/2022	Daixin Team	Oakbend Medical Center	Oakbend Medical Center reveals to have been hit by a ransomware attack.	Malware	Human health and social work	CC	US		Oakbend Medical Center, ransomware, Daixin Team
91	11/09/2022	-	-	NSA?	Northwestern Polytechnical University	China denounces the U.S. Embassy in Beijing following a joint report from two of the country’s most prominent cyber authorities (China’s National Computer Virus Emergency Response Center (CVERC) and the company 360) accusing the National Security Agency of stealing “sensitive information” from Chinese institutions, in particular the Northwestern Polytechnical University.	Targeted Attack	Education	CE	CN		China, U.S., U.S. Embassy in Beijing, China’s National Computer Virus Emergency Response Center, CVERC, 360, NSA, National Security Agency, Northwestern Polytechnical University.
92	11/09/2022	-	-	?	Suffolk County	Suffolk County continues to investigate a possible ransomware attack.	Malware	Public admin and defence, social security	CC	UK		Suffolk County, ransomware
93	12/09/2022	SInce at least June 2022	-	Lorenz	Multiple organizations	Researchers from Arctic Wolf Labs reveal that the Lorenz ransomware gang now uses a critical vulnerability in Mitel MiVoice VOIP appliances (CVE-2022-29499) to breach enterprises, using their phone systems for initial access to their corporate networks.	CVE-2022-29499 vulnerability	Multiple Industries	CC	>1		Arctic Wolf Labs, Lorenz, Ransomware, Mitel, MiVoice, VoIP, CVE-2022-29499
94	12/09/2022	Since the start of 2022	-	?	Unknown organization(s)	Apple releases security updates to address CVE-2022-32917, a zero-day vulnerability used in attacks against iPhones and Macs since the start of the year.	CVE-2022-32917 vulnerability	Unknown	N/A	N/A		Apple, CVE-2022-32917, iPhones, Macs
95	12/09/2022	09/09/2022	09/09/2022	?	YouTube channel of Scuba Jake	The channel of a popular viral YouTuber Jake Koehler (aka Scuba Jake) is hacked to run a crypto scam.	Account Takeover	Individual	CC	US		Jake Koehler, Scuba Jake
96	12/09/2022	15/08/2022	15/08/2022	?	Eagle Mountain City	Eagle Mountain City falls victim to a BEC scam that resulted in the loss of nearly $1.13 million.	Business Email Compromise	Public admin and defence, social security	CC	US		Eagle Mountain City
97	13/09/2022	-	-	?	Steam users	Researchers from Group IB discover a new campaign where attackers are stealing Steam credentials using a Browser-in-the-Browser phishing technique.	Account Takeover	Arts entertainment, recreation	CC	>1		Group IB, Steam, Browser-in-the-Browser
98	13/09/2022	Since at least early 2021	Since April 2022	Threat actors associated with the ShadowPad activity cluster	Government entities in Asia	Researchers from Symantec/Broadcom identify a new cyber-espionage activity focusing on government entities in Asia, as well as state-owned aerospace and defense firms, telecom companies, and IT organizations.	Targeted Attack	Public admin and defence, social security	CE	>1		Symantec, Broadcom, ShadowPad
99	13/09/2022	-	-	?	Unknown organization(s)	Security software firm Trend Micro warns customers to patch CVE-2022-40139, an actively exploited Apex One security vulnerability as soon as possible.	CVE-2022-40139 Vulnerability	Multiple Industries	N/A	N/A		Trend Micro, CVE-2022-40139, Apex One
100	13/09/2022	-	-	?	Multiple organizations	Security researchers from Sansec reveal that attackers have injected malware in multiple extensions from FishPig, a vendor of Magento-WordPress integrations that count over 200,000 downloads.	Malicious Script Injection	Wholesale and retail	CC	>1		Sansec, FishPig, Magento, WordPress
101	13/09/2022	Since at least 08/09/2022	08/09/2022	?	Vulnerable WordPress sites	The Wordfence Threat Intelligence team warns that WordPress sites are actively targeted with exploits targeting CVE-2022-3180, a zero-day vulnerability in the WPGateway premium plugin.	CVE-2022-3180 Vulnerability	Multiple Industries	CC	>1		Wordfence, WordPress, CVE-2022-3180, WPGateway
102	13/09/2022	Since mid-2022	'Recently'	TA453 (AKA Charming Kitten, PHOSPHORUS and APT42)	Researchers involved in international security, particularly in Middle Eastern studies or nuclear security	Researchers from Proofpoint discover a new campaign carried out by the Iranian threat actor TA453 using Multi-persona impersonation (MPI)	Account Takeover	Multiple Industries	CE	>1		Proofpoint, Iran, TA453, Multi-persona impersonation, MPI, Charming Kitten, PHOSPHORUS, APT42
103	13/09/2022	During 2022	During 2022	Emotet	Multiple organizations	Researchers from AdvIntel reveal that the Quantum and BlackCat ransomware gangs are now using the Emotet malware to deploy their payloads.	Malware	Multiple Industries	CC	>1		AdvIntel, Quantum, BlackCat, ransomware
104	13/09/2022	-	-	?	Legislatura CABA (Legislature of Buenos Aires)	Legislatura CABA discloses a ransomware attack.	Malware	Public admin and defence, social security	CC	AR		Legislatura CABA, Legislature of Buenos Aires, ransomware
105	13/09/2022	-	-	?	City Furniture	City Furniture confirms that the company experienced a data breach after sensitive consumer data contained on its network was compromised.	Unknown	Wholesale and retail	CC	US		City Furniture
106	13/09/2022	12/05/2022	12/05/2022	?	The Springs Living	The Springs Living reports a data breach after an unauthorized party gained access to sensitive information on the company’s computer network.	Unknown	Human health and social work	CC	US		The Springs Living
107	13/09/2022	30/03/2022	30/03/2022	Conti	TIC International Corporation (TIC)	TIC International Corporation (TIC) reports a data breach after the company learned it had been the target of a ransomware attack.	Malware	Finance and insurance	CC	US		TIC International Corporation, TIC, ransomware, Conti
108	13/09/2022	During August 2022	During August 2022	?	Individuals	Researchers from Avanan discover a phishing campaign using emails that look like they're coming from Facebook Ads Manager.	Account Takeover	Individual	CC	>1		Avanan, Facebook, Ads Manager
109	13/09/2022	Since March 2022	-	Chiffon Herring	University staff in the US	Researchers at Abnormal Security identify Chiffon Herring, a specific BEC scammer group targeting university staff in new payroll diversion attacks. Called Chiffon Herring.	Business Email Compromise	Education	CC	US		Abnormal Security, Chiffon Herring
110	13/09/2022	-	-	?	Instituto De Desarrollo Profesional (IDEPRO)	The Instituto De Desarrollo Profesional (IDEPRO) has 1GB of data leaked on a popular forum.	SQLi	Public admin and defence, social security	CC	PE		Instituto De Desarrollo Profesional, IDEPRO
111	13/09/2022	Mid-September 2022	Mid-September 2022	?	Ethereum investors	Twitter scammers are actively using verified Twitter accounts to impersonate Ethereum co-founder Vitalik Buterin and dupe investors.	Crypto scam	Fintech	CC	>1		Twitter, Ethereum,Vitalik Buterin
112	14/09/2022	During February 2021	During February 2021	SparklingGoblin AKA Earth Baku	University in Hong Kong	Researchers from ESET discover a Linux variant of the SideWalk backdoor, one of the multiple custom implants used by the SparklingGoblin APT group.	Targeted Attack	Education	CE	HK		ESET, Linux, SideWalk, SparklingGoblin, Earth Baku
113	14/09/2022	-	-	?	Greek Banking Users	Researchers from Cyble discover a novel phishing campaign targeting Greeks with phishing sites that mimic the state's official tax refund platform and steal credentials as they type them.	Account Takeover	Finance and insurance	CC	GR		Cyble
114	14/09/2022	-	-	?	Undisclosed organization(s)	CISA adds a new Windows vulnerability, elevation of privileges bug in the Windows Common Log File System Driver is tracked as CVE-2022-37969, to its list of security bugs exploited in the wild.	CVE-2022-37969 Vulnerability	Unknown	N/A	N/A		CISA, CVE-2022-37969
115	14/09/2022	14/09/2022	14/09/2022	?	Microsoft 365 users in the UK	Researchers from Proofpoint reveal that threat actors are exploiting the death of Queen Elizabeth II in phishing attacks to lure their targets to sites that steal their Microsoft account credentials.	Account Takeover	Multiple Industries	CC	UK		Proofpoint, Queen Elizabeth, Microsoft 365
116	14/09/2022	-	-	?	Sniffies users	Gay hookup and cruising web app Sniffies is being impersonated by opportunistic threat actors hoping to target the website's users with typosquatting domains that push scams and dubious Google Chrome extensions.	Account Takeover	Individual	CC	>1		Sniffies, Google Chrome
117	14/09/2022	Since at least June 2018	Since at least June 2018	?	Healthcare Payment Processors in the US	The Federal Bureau of Investigation (FBI) issues an alert about attackers targeting healthcare payment processors to route payments to bank accounts controlled by them.	Account Takeover	Finance and insurance	CC	US		Federal Bureau of Investigation, FBI), healthcare payment processors
118	14/09/2022	Since at least August 2022	During August 2022	Gamaredon (AKA Primitive Bear, Shuckworm, IronTiden, and Callisto)	Entities in Ukraine	Researchers from Cisco Talos discover a new cyber espionage campaign by the Gamaredon Russian group targeting Ukrainian entities with previously unseen info-stealing malware.	Targeted Attack	Multiple Industries	CE	UA		Gamaredon, Primitive Bear, Shuckworm, IronTiden, Callisto, Russia, Ukraine, Cisco Talos
119	14/09/2022	-	-	?	Microsoft Edge users	Researchers from Malwarebytes discover an ongoing malvertising campaign injecting ads in the Microsoft Edge News Feed to redirect potential victims to websites pushing tech support scams.	Malvertising	Individual	CC	>1		Malwarebytes, Microsoft Edge
120	14/09/2022	During July 2022	During July 2022	UNC4034 (AKA Temp.Hermit, Labyrinth Chollima)	Company in the media industry	Researchers from Mandiant reveal that North Korean hackers are using trojanized versions of the PuTTY SSH client to deploy backdoors on targets' devices as part of a fake Amazon job assessment.	Targeted Attack	Information and communication	CE	N/A		Mandiant, North Korea, PuTTY, Amazon, UNC4034, Temp.Hermit, Labyrinth Chollima
121	14/09/2022	14/09/2022	14/09/2022	?	Seesaw	Seesaw, a popular messaging application used by school districts across the U.S. is forced to apologize after parents said an inappropriate photo was sent out as a consequence of a credential stuffing attack.	Credential Stuffing	Information and communication	CC	US		Seesaw
122	14/09/2022	During 2022	During 2022	Islamic Revolutionary Guard Corps (IRGC)	Organizations in the U.S., Australia, Canada, and United Kingdom	A joint advisory by the government agencies in the US, UK, Canada, and Australia say that threat groups associated with Iran’s Islamic Revolutionary Guard Corps (IRGC) have been engaging in data encryption and extortion operations exploiting the Log4Shell vulnerability, Islamic Revolutionary Guard Corps, IRGC	Multiple vulnerabilities (CVE-2018-13379, CVE-2019-5591, CVE-2020-12812, CVE-2021-34473, CVE-2021-34523, CVE-2021-31207, CVE-2021-44228, CVE-2021-45046, CVE-2021-45105)	Multiple Industries	CC	AU CA UK US		Iran, Islamic Revolutionary Guard Corps, IRGC, Log4shell
123	14/09/2022	03/07/2022	03/07/2022	?	Medical Associates of the Lehigh Valley (MATLV)	Medical Associates of the Lehigh Valley (MATLV) announces that it fell victim to a sophisticated ransomware attack on its network.	Malware	Human health and social work	CC	US		Medical Associates of the Lehigh Valley in Pennsylvania, MATLV, ransomware
124	14/09/2022	From 24/12/2021 to 02/06/2022	02/06/2022	?	M.C. Dean	M.C. Dean confirms that the company experienced a data breach after an unauthorized party gained access to sensitive consumer data contained on its network.	Unknown	Professional, scientific and technical	CC	US		M.C. Dean
125	14/09/2022	-	-	?	Job Seekers in France	Researchers from Vade detect a new phishing campaign exploiting legitimate servers of Pôle Emploi, a career website operated by the French government.	Account Takeover	Individual	CC	FR		Vade, Pôle Emploi
126	14/09/2022	-	-	?	Real estate professionals	Researchers from Ironscales discover thousands of Microsoft 365 credentials stored in plaintext on phishing servers, as part of an unusual, targeted credential-harvesting campaign against real estate professionals.	Account Takeover	Real estate	CC	>1		Ironscales
127	14/09/2022	'Recently'	'Recently'	Kinsing	Multiple organizations	Researchers from Trend Micro discover a new campaign by the Kinsing malware exploiting the CVE-2020-14882 Oracle Web Logic vulnerability to deliver cryptocurrency-mining malware.	CVE-2020-14882 Vulnerability	Multiple Industries	CC	>1		Trend Micro, Kinsing, CVE-2020-14882, Oracle Web Logic
128	14/09/2022	-	-	RansomHouse	IPCA Laboratories	IPCA Laboratories, one of the biggest pharmaceutical companies in India, is hit by RansomHouse that claims to have stolen 500 gigabytes of data from its systems.	Malware	Professional, scientific and technical	CC	IN		IPCA Laboratories, RansomHouse, ransomware
129	14/09/2022	-	-	LockBit 3.0	InSpecs EyeWear	InSpecs EyeWear is added to the LockBit 3.0 ransomware leak site.	Malware	Manufacturing	CC	US		InSpecs EyeWear, LockBit 3.0, ransomware
130	14/09/2022	-	-	LockBit 3.0	Comision Nacional de Acreditación in Chile (CNA)	The Comision Nacional de Acreditación in Chile is hit with a LockBit 3.0 ransomware attack.	Malware	Public admin and defence, social security	CC	CL		Comision Nacional de Acreditación in Chile, CNA, LockBit 3.0, ransomware
131	14/09/2022	06/08/2022	06/08/2022	Black Basta	Elbit Systems of America	Elbit Systems of America, a subsidiary of Israeli defense giant Elbit Systems, confirms suffering a data breach, a few months after the Black Basta ransomware gang claimed to have hacked the company’s systems.	Malware	Professional, scientific and technical	CC	US		Elbit Systems of America, Elbit Systems, Black Basta, ransomware
132	14/09/2022	10/09/2022	-	GhostSec	Water system in Israel	Researchers from Otorio disclose a new attack from the GhostSec hacktivists against a water system in Israel.	Unknown	Water supply, waste mgmt, remediation	H	IL		Otorio, GhostSec
133	15/09/2022	15/09/2022	15/09/2022	?	Twitter account of the Italian Ministry of Ecological Transition	The Twitter account of the Italian Ministry of Ecological Transition is hacked by an unknown individual who takes over the profile with the identity of Ethereum founder Vitalik Buterin.	Account Takeover	Public admin and defence, social security	CC	IT		Twitter, Italian Ministry of Ecological Transition, Ethereum, Vitalik Buterin
134	15/09/2022	Since at least 2017	During 2022	WebWorn	IT service providers in Asia	Researchers from Symantec/Broadcom reveal that the Chinese 'Webworm' hacking group is using customized versions old RATs (Trochilus, Gh0st RAT, and 9002 RAT) in new attacks, likely to evade attribution and reduce operations costs.	Targeted Attack	Professional, scientific and technical	CE	>1		Symantec, Broadcom, Webworm, Trochilus, Gh0st RAT, 9002 RAT
135	15/09/2022	-	-	?	YouTube users	Researchers from Kaspersky discover a new self-spreading malware bundle (containing the RedLine Infostealer) promoted in YouTube videos targeting fans playing FIFA, Final Fantasy, Forza Horizon, Lego Star Wars, and Spider-Man.	Malware	Individual	CC	>1		Kaspersky, RedLine, YouTube, FIFA, Final Fantasy, Forza Horizon, Lego Star Wars, Spider-Man.
136	15/09/2022	12/09/2022	12/09/2022	?	Undisclosed organization in Europe	Researchers from Akamai reveal to have mitigated a record-breaking DDoS attack peaking at 704.8 Mpps.	DDoS	Unknown	CC	N/A		Akamai
137	15/09/2022	20/08/2022	-	Hive	Bell Technical Solutions (BTS)	The Hive ransomware gang claims responsibility for an attack that hit the systems of Bell Canada subsidiary Bell Technical Solutions (BTS).	Malware	Education	CC	US		Hive, ransomware, Bell Canada, Bell Technical Solutions, BTS
138	15/09/2022	Since September 2022	During September 2022	TeamTNT	Multiple organizations	Researchers at AquaSec discover a new campaign by the TeamTNT.	Malware	Multiple Industries	CC	>1		AquaSec, TeamTNT
139	15/09/2022	Between 12/06/2022 and 17/07/2022	17/07/2022	?	Neurology Center of Nevada (NCNV)	The Neurology Center of Nevada (NCNV) confirms it experienced a data breach after the computers become inaccessible.	Unknown	Human health and social work	CC	US		Neurology Center of Nevada, NCNV
140	15/09/2022	06/02/2022	Between 29/01/2022 and 06/02/2022	?	Cash Express	Cash Express reports a data breach after the company experienced a data breach involving an unauthorized party gaining access to sensitive consumer data.	Unknown	Finance and insurance	CC	US		Cash Express
141	15/09/2022	Since July 2022	21/07/2022	?	Individuals	Researchers from Cluster25 discover Erbium, an information-stealing malware distributed as fake cracks and cheats for popular video games to steal victims' credentials and cryptocurrency wallets.	Malware	Individual	CC	>1		Cluster25, Erbium
ID	Date Reported	Date Occurred	Date Discovered	Author	Target	Description	Attack	Target Class	Attack Class	Country	Link	Tags

The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

Q2 2023 Cyber Attacks Statistics
I have aggregated the statistics created from the cyber attacks timelines published in the second quarter of 2023. In total I have collected 1040 events...
The Biggest Data Breaches of 2023
Similarly to what I have done in 2022 and 2021, I am collecting the main mega breaches...
1-15 August 2023 Cyber Attacks Timeline
In the first timeline of August, I collected 169 events (corresponding to 11.27 events per day), a considerable decrease compared to the the second half of July...
The Biggest Data Breaches of 2021
With this new project I am going to track the biggest data breaches of 2021 extracted from my cyber attack timelines.
July 2023 Cyber Attacks Statistics
After the cyber attacks timelines, it’s time to publish the statistics of June 2023 where I have collected and analyzed 384 events, yet another record number driven...