Let’s kick off this infosec year with the first cyber attacks timeline for January 2023. In this fortnight I have collected 132 events, ten events more than the previous timeline, which bring the daily average to 8.8 events per day. If we look back at January 2021, back then we collected 93 events, meaning a 42% increase.

Events characterized by ransomware were stable around 30% (40 out of 132, it was 35% in the previous timeline) thanks primarily to the threat actor of Vice Society that leaked the data exfiltrated from eleven schools in the U.K., whilst 15 out of 132 events (corresponding to 11.36%) were characterized by the exploitation of vulnerabilities, an important increase compared to 5.9% of events (8 out of 122) of the previous fortnight.

The fintech sector continues to be under pressure, with multiple campaigns targeting crypto companies and their users.

In the meantime, Twitter was the victim of yet another mega breach, with approximately 200 million profiles leaked and put on sale by a threat actor, and similarly an attack against an undisclosed marketing provider in Japan, caused the leak of nearly 2 million records belonging to Japanese customers of two large insurance companies.

The hacktivist front was always hot, fueled by the campaigns of pro-Russian threat actors such as NoName057(16), similarly to the cyber espionage, not so many operations, apparently, but hitting very high-profile targets: Cold River (AKA Calisto) hit three nuclear laboratories in the U.S., a new operation from the Turla Russian threat actor was unearthed, targeting organizations in Ukraine, and the list is completed by Strong Pity and Dark Pink, for which a new cluster of malicious activities were similarly discovered.

Even in this fortnight, the list is too long to be summarized in few words (this one in particular), so my suggestion is to enjoy the interactive timeline and the tabular format, and obviously thanks for sharing it, and supporting my work in spreading the risk awareness across the community. As always, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.

Expand for details

Geo Map January H1 2023

The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

  • August 2016 Cyber Attacks Statistics

    It's time to publish the statistics derived from the cyber attacks timelines of August (Part I and Part II), a month particularly active from an Information Security perspective, despite the Summer time. As always, let’s start from the Daily Trend Chart, which shows obviously an ...

  • Image by Cliff Hang from Pixabay1-15 August 2023 Cyber Attacks Timeline

    In the first timeline of August, I collected 169 events (corresponding to 11.27 events per day), a considerable decrease compared to the the second half of July...

  • Photo by Towfiqu barbhuiya on UnsplashThe Biggest Data Breaches of 2023

    Similarly to what I have done in 2022 and 2021, I am collecting the main mega breaches...

  • Q2 2023 Cyber Attacks Statistics

    I have aggregated the statistics created from the cyber attacks timelines published in the second quarter of 2023. In total I have collected 1040 events...

  • Image by Cliff Hang from Pixabay1-15 July 2023 Cyber Attacks Timeline

    In the first half of July 2023, I collected 161 events (corresponding to 10.73 events per day), a number that...


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.