Motivations April H2 2023

No Data Found

Attack Techniques April H2 2023

No Data Found

In the second half of April 2023 I collected 180 events (corresponding to 12 events/day), a sharp increase compared to the first timeline of April where the recorded events were 161.

The percentage of events caused by ransomware attacks is stable to 27.22% (49 out of 180 events, similar to  27.3% of the previous timeline (44 out of 161 events). The impact of vulnerabilities played a part in 26 out of 180 events corresponding to 14.4%, slihtly up from 12.4% of the first fortnight of April (20 out of 161 events).

Unsurprisingly, multi-million losses continued to plague the fintech sector: Both Merlin and 0VIX suffered a cyber heist leading to the theft of $2M worth in cryptocurrency (and they are not the only ones hit in this timeline, despite the other attacks did not achieve the same impact).

In terms of  mega breaches there is one remarkable event, despite it is not completely clear, and it is the sale, on a Russian forum, of the details of 360 Chinese citizens. Other interesting event concern the arrest of an Ukrainian individual who stole the details of 360 European citizens, and the breaches of Terravision (2 million records compromised), the American Bar Association (1.5 million records compromised), and also NextGen Healthcare, victim of a ransomware attack compromising the details of 1.05 million users.

The Cyber Espionage front was always hot, with multiple campaigns unearthed also in the first half of April, and carried out by known threat actors such as the usual APT28, APT29, APT36, and also Sandworm tarketing Ukraine. Additionally it looks like Lazarus Group was also very active after the remarkable supply-chain attack to 3CX (and it looks like that even 3CX was compromised via a supply-chain attack).

And as always, this brief summary is closed by a quick mention to the attacks launched by the pro-Russian hacktivists of NoName057(16) and Killnet that were directed respectively against several websites in Italy, and individuals close to the NATO Last but not least, the collective Anonymous Sudan continued its campaign against Israel.

My suggestion is always the same: browse the timeline, and obviously thanks for sharing it and supporting my work in spreading the risk awareness across the community. As always, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.

Geo Map April H1 2023

No Data Found


Creating the timelines is a very time-consuming task.

Any little helps!


No Data Found

The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.


No Data Found

  • November 2023 MotivationsNovember 2023 Cyber Attacks Statistics

    November 2023 saw a rise to 39 events, with Cyber Crime remaining dominant at 78.7%. Cyber Espionage increased to 9.7%, while Hacktivism fell to 5.4%. Malware was the leading attack technique at 42.1%, and Multiple Organizations were the most targeted at 17.7%.

  • Photo by Towfiqu barbhuiya on UnsplashThe Biggest Data Breaches of 2023

    Similarly to what I have done in 2022 and 2021, I am collecting the main mega breaches...

  • Leaky Buckets in 2023

    Similarly to what I have done in 2022 and 2021, I am collecting the incidents due to cloud misconfigurations and leading to...

  • Image by wastedgeneration from Pixabay1-15 December 2023 Cyber Attacks Timeline

    In early December 2023, event recordings decreased significantly to 135, with ransomware dominating 35.5% of incidents. The period saw a notable data breach at ESO Solutions, affecting 2.7 million patients, and a $2.7 million crypto theft at OKX. Geopolitical tensions spurred active cyber espionage, with ...

  • The Biggest Data Breaches of 2021

    With this new project I am going to track the biggest data breaches of 2021 extracted from my cyber attack timelines.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.