Major Cyber Attacks Witnessed Globally

SOCRadar, the early warning system for cyber incidents, closely monitors major cyber attacks witnessed globally. Below is a list of selected attacks.

Get free access to SOCRadar now to see how an early warning system for cybersecurity works.

Get Free Access
Company / Country Industry Details* Attack Vector Threat Group
Motel One/Germany Hospitality A total of 24,449,137 files, roughly equivalent to 6TB of data was stolen. Ransomware BlackCat (ALPHV)
McLaren HealthCare/USA Healthcare The attack resulted in network outages at 14 facilities. Ransomware BlackCat (ALPHV)
Rossiya Airlines, Pobeda, and Aeroflot/Russia Aviation Russian flight booking system Leonardo was attacked, which affected several carriers. DDoS IT Army
Johnson Controls/Global Technology The attack encrypted various company devices and 27TB of corporate data was stolen. Ransomware Dark Angels Team
Sony Technology Threat actors claimed to have successfully breached Sony’s systems. Ransomware/Data Leak RansomedVC/MajorNelson
Mixin Network Cryptocurrency Hackers pilfered $200 million in assets by targeting a cloud service provider. Third-party Unknown
MGM Resorts Entertainment/Hospitality The attack resulted in disruptions across more than 30 hotels and casinos worldwide. Social Engineering Scattered Spider
Airbus/Global Aviation Hacker exposed sensitive data from 3,200 Airbus vendors. Account Breach USDoD
CoinEx Cryptocurrency Large amounts were transferred to an address with no prior history. Fraudulent Transactions Unknown
Stake.com Entertainment Hackers stole more than $40 million in cryptocurrency. Fraudulent Transactions Unknown
* Details given to these events might be claims by the threat actors.
Company / Country Industry Details* Attack Vector Threat Group
BAZAN Group/Israel Energy, Oil The cyberattack caused website disruptions and exposed SCADA systems. Vulnerability Exploit Cyber Avengers
Activision/USA Video Games Modern Warfare 2 (MW2) servers were taken offline due to a worm. Malware Unknown
NATO COI Political/Defense ATO’s Communities of Interest (COI) Cooperation Portal was allegedly hacked. Data Theft SiegedSec
Alphapo Cryptocurrency Over $60 million was drained from hot wallets in cryptocurrencies. Wallet Exploit Lazarus
CoinsPaid Cryptocurrency CoinsPaid reported a $37.2 million cyber attack. Malware Lazarus
Ministry of Health and Population/Egypt Government Agency Threat actor claimed to have acquired 2 million data records. Unknown Unknown
Tampa General Hospital/USA Healthcare Security breach compromised patient data of up to 1.2 million patients. Network Breach Unknown
HCA Healthcare/USA Healthcare Potential theft of 11 million patients’ data offered for sale on a cybercrime forum. Data Breach Unknown
Directorate General of Immigration/Indonesia Government Agency Hacktivist offered personal information of 35 million Indonesian passport holders on the dark web. Data Leak Bjorka
Multichain Cryptocurrency Cyberattack led to theft of over $125 million in cryptocurrency. Fraudulent Transactions Unknown
Nickelodeon Entertainment Nickelodeon confirmed the leak of 500GB of files. Unauthorized Access Unknown
Poly Network Cryptocurrency The attackers made off with approximately $42 billion worth of cryptocurrency. Fraudulent Transactions Unknown
Microsoft Technology Anonymous Sudan claimed to hack Microsoft, but Microsoft denied legitimacy of the data. Data Theft Anonymous Sudan
Exactly Protocol Cryptocurrency The company acknowledged the theft of $7.3 million worth of ETH. Unknown Unknown
Duolingo/Global Online Education A data breach has exposed the private details of 2.6 million Duolingo users. Data Scraping Unknown
Discord.io Software Data breach of the third-party app affected 760K Discord users. Unknown Akhirah
IBM Technology IBM’s MOVEit hack led to 14M individuals’ health data being compromised. Vulnerability Exploit Clop Ransomware
Fukushima Power Plant/Japan Energy 21 websites linked to the power plant was attacked in operation “Tango Down.” DDoS EUTNAIOA/Anonymous Italia Collective
Colorado Department of Higher Education (CDHE)/USA Education CDHE revealed a major data breach following a ransomware attack in June. Ransomware Unknown
Mom’s Meals/USA Food and Beverage/Healthcare Data breach impacted a total of 1,237,681 individuals. Ransomware Unknown
Multiple Banks/Italy Financial NoName has claimed cyberattacks on Italian banks, businesses, and government agencies. DDoS NoName057(16)
 Salesforce Software Attackers leveraged a Salesforce feature to gain control of @salesforce[.]com addresses. Vulnerability Exploit Unknown
* Details given to these events might be claims by the threat actors.
Company / Country Industry Details* Attack Vector Threat Group
3CX / Global Telecommunications A supply chain attack led to another, it started by a malware infected package on Trading Technologies’ website. Supply Chain Attack UNC4736
American Bar Association / Global Legal A hacker obtained older credentials of 1.4 million members from ABA’s network. Unauthorized Access Unknown
Hundred Finance / Global Cryptocurrency DeFi protocol Hundred Finance hacked, loses $7M in assets. Flash Loan Attack Unknown
Bitrue / Global Cryptocurrency Bitrue hot wallet exploit resulted in $23M theft. Wallet Exploit Unknown
Hyundai / France, Italia Automotive Hackers gained access to information of French and Italian Hyundai customers who booked test drives. Unauthorized Access Unknown
Yum! Brands / UK Foodservice The company reported data breach and temporarily shut down 300 restaurants in the UK. Ransomware Unknown
Yellow Pages Group / Global Media The publisher’s confidential documents were leaked. Ransomware Black Basta Ransomware
Skolkovo Foundation / Russia Technology Ukrainian hacktivists gained access to certain information systems, including the organization’s file-hosting service on physical servers. Unauthorized Access SUDO RM-RF
RaidForums Forum The administrator of Exposed leaked the RaidForums database for nearly 479,000 members’ information. Unknown Impotent
Jimbos Protocol Cryptocurrency Due to exploitation of a liquidity conversion vulnerability, 4,000 ETH ($7.5 million) was lost. Vulnerability Exploit Unknown
MCNA Dental Healthcare Insurance Company discovered and reported a data breach that affected nearly 9 million patients. Unauthorized Access LockBit
Luxottica / Global Retail Hackers exposed the personal information of over 70 million customers. Ransomware Unknown
Bank Syariah Indonesia (BSI) / Indonesia Finance LockBit released 1.5 terabytes of personal and financial data obtained from BSI. Ransomware LockBit
PharMerica / USA Healthcare Retail PharMerica encountered a significant data breach impacting 5.8 million patients. Unauthorized Access Money Message
Discord / Global Communication Discord has revealed a data breach resulting from the compromise of a third-party customer service agent’s account. Third-Party Data Breach Unknown
Fullerton India / India Finance LockBit has released 600 gigabytes of critical data stolen from Fullerton India. Ransomware LockBit
Brightline / USA Healthcare Brightline confirmed a data breach due to vulnerable GoAnywhere MFT service, 783,606 individuals’ PHI was stolen. Vulnerability Exploit Clop
Level Finance Cryptocurrency Hackers exploited a smart contract vulnerability in Level Finance, stealing 214,000 LVL tokens. Vulnerability Exploit Unknown
HWL Ebsworth Legal BlackCat ransomware hacked HWL Ebsworth and stole 4TB of company data. Ransomware BlackCat (ALPHV)
TSMC / Taiwan Semiconductor Manufacture Demanding a $70 million ransom, LockBit threatens to leak alleged data unless TSMC pays. Ransomware National Hazard Agency (LockBit)
Shell / Global Energy Clop ransomware targeted Shell in MOVEit attacks. Ransomware Clop
Fort Worth Government / USA Public Hackers stole 180GB data from the website of Fort Worth. Data Breach SiegedSec
CalPERS / USA Public Data breach affected approximately 769K retired California employees and beneficiaries. Ransomware Clop
University of Manchester / UK Education Threat actors claim to have stolen 7 TB of data during the attack. Ransomware Unknown
Onix Group / USA Real Estate Attackers accessed 319,500 patients’ and employees’ information during a ransomware attack. Ransomware Unknown
DBSA / Southern Africa Finance The Development Bank of Southern Africa (DBSA) was targeted in a cyberattack. Ransomware Akira
Zacks Investment Research Investment Zacks experienced another data breach, impacting 8.8 million customers. Data Breach Unknown
Intellihartx / USA Healthcare Revenue Management Intellihartx notified 490K individuals of data compromise in GoAnywhere zero-day attack. Ransomware Clop
Atomic Wallet Cryptocurrency Atomic Wallet was hacked, stolen crypto value exceeds $35M. Unknown Unknown
Enzo Biochem / USA Biotechnology PHI of 2.5 million individuals in the US was stolen in a cyber attack. Ransomware Unknown
* Details given to these events might be claims by the threat actors.
Company / Country Industry Details* Attack Vector Threat Group
T-Mobile / Global Telecommunication A threat actor used a T-Mobile API to gain access to 37 million active customer accounts’ personal information. Unauthorized Access Unknown
Deezer / Global Music Streaming Threat actors leaked 250M+ Deezer users’ information. Third Party Unknown
Zacks Investment Research Investment Hackers broke into the Zacks Investment Research business and obtained access to 820,000 customers’ private and sensitive information. Unauthorized Access Unknown
Cellebrite / Israel Digital Intelligence Threat actors stole 1.7TB of data, including Cellebrite’s software and other documentation. Unauthorized Access Unknown
RailYatri / India Travel 31 million entries of the Indian train ticket platform were leaked on a hacker forum. Misconfiguration Unknown
Regal Medical Group / Southern California Healthcare PII and PHI of over 3 million patients were stolen in the ransomware attack. Ransomware Unknown
AT&T / Global Telecommunications AT&T has announced that approximately 9 million customers were affected by a data breach. Third-Party Breach Unknown
Akamai / Asia-Pacific (APAC) Unknown Akamai mitigated a DDoS attack that peaked at 900.1 Gbps and 158.2 million PPS. DDoS Unknown
Euler Finance / Global Cryptocurrency Euler Finance crypto lending platform was hacked for $197 million in crypto. Flash Loan Attack Jacob
Independent Living Systems / USA Healthcare ILS reported a data breach that affected 4.2 million individuals. Unauthorized Access Unknown
Latitude Financial / Australia Finance Data breach of Latitude Financial resulted in theft of 14 million customer records. Unauthorized Access (Employee Credentials) Unknown
TMX Finance / USA Finance TMX Finance and its subsidiaries suffered a breach affecting nearly 5 million customers. Unauthorized Access Unknown
* Details given to these events might be claims by the threat actors.
Company / Country Industry Details* Attack Vector Threat Group
MyDeal / Australia Retail Woolworths’ MyDeal subsidiary reported a data breach impacting 2.2 million customers. The hacker was attempting to sell the stolen information on a hacker forum. Unauthorized Access Undetermined
Bundeskriminalamt (BKA) / Germany Finance The Bundeskriminalamt (BKA) of Germany detained a person (age 24) and two alleged collaborators after they were suspected of stealing €4,000,000 from online users through phishing attacks. Phishing Unknown
Kingfisher / UK Retail The LockBit ransomware organization claimed the theft of 1.4 TB of Kingfisher’s data, including the personal information of its workers and clients. Ransomware LockBit
Medibank / Australia Healthcare The unidentified hackers claim to have 200 gigabytes of data from Medibank, an Australian private health insurer with about 3.9 million clients in a nation of about 25 million. Ransomware Undetermined
Aarti Drugs / India Healthcare The BianLian ransomware organization exposed Aarti Drugs’ private information on a dark web forum. Ransomware BianLian
Wynncraft Minecraft Server Video Games Cloudflare announced that it has successfully stopped a 2.5 Tbps distributed denial-of-service (DDoS) attack by a Mirai botnet, targeted at the Wynncraft Minecraft server. DDoS Mirai Botnet
Concorsi Sanitari Integral / Barcelona Healthcare RansomExx ransomware gang leaked a 52-gigabyte file on the dark web, which contained information stolen from the Consorci Sanitari Integral. Ransomware RansomExx
Tata Power / India Power Industry A leading power-producing company in India, Tata Power, has confirmed becoming the victim of a cyberattack. Ransomware Hive
Whoosh / Russia Transportation The Russian scooter rental service Whoosh has reported a data breach after hackers started to sell a database containing the personal information of 7.2 million users on a hacking forum. Data Leak Undetermined
Banks and Telecommunication Services / Africa Finance, Telecommunication A threat group known as OPERA1ER has used hacking tools to steal at least $11 million from African banks and telecommunications service providers. Network Breach OPERA1ER
Medibank / Australia Healthcare About 9.7 million customers’ private information, as well as those of some of their authorized representatives, were accessed. Medibank refused to pay ransom. Ransomware REvil
AirAsia / Malaysia Airline Daixin ransomware group leaked sample data from Malaysian airline AirAsia. They allegedly gained access to the information of the company’s employees and 5 million passengers. Ransomware Daixin
Deribit Cryptocurrency Deribit exchange reported that its hot wallet had been compromised. After suffering a $28 million hot wallet hack, the exchange stopped accepting withdrawals. Unauthorized Access Unknown
Continental / Germany Tire Manufacture LockBit ransomware gang hacked Continental, stealing approximately 40TB of data. The data is said to have been listed for sale after Continental refused to pay the ransom. Ransomware LockBit
The Indian Railways / India Transportation The Indian Railways experienced a data breach on December 27 that resulted in the theft of the personal information of about 30 million people. The data was listed for sale on the dark web. Unauthorized Access Shadohacker
BTC.com Cryptocurrency The biggest cryptocurrency mining pool, BTC.com, reported being the target of a cyberattack that stole digital assets worth about $3 million. Undetermined Unknown
Twitter Social Media A threat actor shared 400 million Twitter user records on a dark web forum tracked by SOCRadar in December. Vulnerability Exploit Unknown
Okta / USA Software Private GitHub repositories of Okta were compromised, resulting in the theft of source code. Unauthorized Access Unknown
Gemini Cryptocurrency Personal information of 5.7 million Gemini cryptocurrency exchange customers was compromised after an unnamed third-party was victimized by an unauthorized threat actor. Third-Party Data Breach Unknown
Centers for Medicare and Medicaid Services of HHS / Global Healthcare 254,000 beneficiaries were informed that their data had been compromised due to a ransomware attack on a third-party vendor. Ransomware Unknown
* Details given to these events might be claims by the threat actors.
Company / Country Industry Details* Attack Vector Threat Group
Shields Health Care Group / U.S.A. Healthcare Shields Health Care Group suffered a cyber crisis that affected the personal data of nearly 2 million patients. Unauthorized access Undetermined
University of Pisa / Italy Education The criminals issued a ransom note for Saturday’s attack, giving the university administration until June 16 to pay $4.5 million. Unauthorized access Blackcat
Akamai / Eastern Europe Unknown On September 12, Akamai stopped a distributed denial-of-service attack that set a new record with 704.8 Mpps traffic per minute. DDoS Unknown
Wintermute Cryptocurrency Hackers stole $162 million from the DeFi section of Wintermute’s platform by exploiting a bug in Profanity Vulnerability Exploit Unknown
Rockstar Games Video Games Rockstar Games was subject to a network breach. GTA 5 and 6 source code and assets, and GTA 6 testing videos were claimed to be stolen. Unauthorized access TeaPot
Uber / U.S.A. Transportation Uber’s internal IT system was breached and the hacker gained access to critical company data as well as vulnerability reports from HackerOne. Unauthorized access TeaPot
European Union Citizens/ Ukraine Healthcare Hacker gang responsible for data theft of 30 million people sold the accounts on the dark web for UAH 14 million. Malware infection Unknown
Military and Police Organizations / Central America Military Hacking gang released 10TB of military emails and information in Chile, Mexico, El Salvador, Columbia and Peru. Undetermined Guacamaya
Indian Citizens / Republic of India Finance Chinese scammers allegedly stole $529 million from Indian citizens by exploiting instant lending apps, employment offers, and fake cryptocurrency trading schemes. Phishing Unknown
* Details given to these events might be claims by the threat actors.
Company / Country Industry Details* Attack Vector Threat Group
Twitch / Global Live Streaming Service On hacker forums, a torrent link to a 125GB archive containing data allegedly stolen from roughly 6,000 internal Twitch Git repositories is shared Misconfigured server Undetermined
JVCKenwood / Japan, Global Electronics The ransomware group claimed to have stolen 1.7 TB of data Unauthorized access Conti
* Details given to these events might be claims by the threat actors.
Company / Country Industry Details* Attack Vector Threat Group
MyRepublic / Singapore, New Zealand, and Australia Telecommunication/ISP Personal information data of 80K mobile subscribers are exposed Access through a third-party data storage platform Unknown
Yandex / Russia Technology Solutions and Search Engine Provider DDoS attacks with 21.8 million requests per second (world record so far) DDoS attack Mēris Botnet
Fortinet / USA Cybersecurity Solution Provider 500 Fortinet VPN credentials are leaked Ransomware Groove
Bangkok Airways / Thailand Airline 6TB data stolen by using credentials leaked from breached Accenture systems Ransomware LockBit 2.0
Neiman Marcus / USA Luxury Retail Neiman Marcus sent notices of a data breach (online account credentials) to 4.3 million customers. The data breach started in May 2020 until it was discovered in September 2021 Undetermined Undetermined
Microsoft Exchange Autodiscover Bug / Global IT A bug in the Microsoft Exchange Autodiscover leaked around 100,000 credentials for Windows domains worldwide N/A Guardicore’s AVP of Security Research discovered the bug
* Details given to these events might be claims by the threat actors.
Company / Country Industry Details* Attack Vector Threat Group
Colonial Pipeline / USA Oil Affected its computerised equipment managing the pipeline, disrupting the fuel supply to most of the US East Coast for days Ransomware DarkSide
CNA / USA Finance Majority of policyholder data impacted Ransomware Phoenix Locker
Brenntag / Germany Chemical distribution Stolen 150 GB of data Ransomware DarkSide
LinkedIn / USA Social Media 500 M accounts leaked Data Breach Unknown
Facebook / USA Social Media Impacted 533 Million Users Data Breach Unknown
University of California Schools / USA Education Copied and transferred UC files by exploiting a vulnerability in Accellion’s file transfer service Ransomware Unknown
Washington DC Police Department / USA Government Leak of 250 GB data that includes the PII of confidential informants, persons of interests, and employees Ransomware Babuk
The Scripps Health / USA Health Stolen all patient records (a half-million patients per year through 2,600 affiliated physicians) Ransomware Ryuk
The Health Service Executive (HSE) / Ireland Government Stolen 700 GB of data Ransomware ContiLocker
JBS Foods / Brazil Food Unknown Ransomware REvil
McDonalds Fast food Exposed all U.S. business information, customer data in South Korea and Taiwan Data Breach Unknown

* Details given to these events might be claims by the threat actors.

Company / Country Industry Details* Attack Vector Threat Group
Channel Nine / Australia Television/Broadcasting Broadcasting and publishing systems were rendered unable Cyber espionage Unknown
Harris Federation / UK Education Temporarily disabled the devices and email systems, resulting in over 37,000 students being unable to access their coursework Ransomware Unknown
CNA Financial / USA Insurance Ransomware Evil Corp.
Kia Motors / South Korea Automobile Apps, phone services, payment systems, owner’s portal and internal sites are impacted Ransomware DoppelPaymer
Bonobos / USA Retail 70 GB SQL database leaked Data Breach ShinyHunters
Bangkok Airways / Thailand Airline 6 TB data stolen by using credentials leaked from breached Accenture systems Ransomware LockBit 2.0
Florida Water System / USA Supply Chain Attempted to Poison Water Supply in Florida Data Breach Unknown
Microsoft’s Exchange Server / USA Software Expose millions of users worldwide Zero-day exploits Unknown
Bombardier / Canada Aerospace Confidential data of customers, suppliers and employees compromised Data Breach Unknown
Acer / Taiwan Electronics Acer Suffered the Highest Ransom Demand in History of $50 Million Ransomware REvil
University of the Highlands and Islands (UHI) / UK Education Caused disruption to services Unknown Unknown
Sierra Wireless / Multinational Electronics Internal operations disrupted Ransomware Unknowns
Accellion / China Supply Chain Customer data being stolen or compromised Zero-day exploits FIN11

* Details given to these events might be claims by the threat actors.