Major Cyber Attacks Witnessed Globally

SOCRadar, the early warning system for cyber incidents, closely monitors major cyber attacks witnessed globally. Below is a list of selected attacks.

Get free access to SOCRadar now to see how an early warning system for cybersecurity works.

Get Free Access

Q4 2023

Company / Country	Industry	Details*	Attack Vector	Threat Group
Motel One/Germany	Hospitality	A total of 24,449,137 files, roughly equivalent to 6TB of data was stolen.	Ransomware	BlackCat (ALPHV)
McLaren HealthCare/USA	Healthcare	The attack resulted in network outages at 14 facilities.	Ransomware	BlackCat (ALPHV)
Rossiya Airlines, Pobeda, and Aeroflot/Russia	Aviation	Russian flight booking system Leonardo was attacked, which affected several carriers.	DDoS	IT Army
Johnson Controls/Global	Technology	The attack encrypted various company devices and 27TB of corporate data was stolen.	Ransomware	Dark Angels Team
Sony	Technology	Threat actors claimed to have successfully breached Sony’s systems.	Ransomware/Data Leak	RansomedVC/MajorNelson
Mixin Network	Cryptocurrency	Hackers pilfered $200 million in assets by targeting a cloud service provider.	Third-party	Unknown
MGM Resorts	Entertainment/Hospitality	The attack resulted in disruptions across more than 30 hotels and casinos worldwide.	Social Engineering	Scattered Spider
Airbus/Global	Aviation	Hacker exposed sensitive data from 3,200 Airbus vendors.	Account Breach	USDoD
CoinEx	Cryptocurrency	Large amounts were transferred to an address with no prior history.	Fraudulent Transactions	Unknown
Stake.com	Entertainment	Hackers stole more than $40 million in cryptocurrency.	Fraudulent Transactions	Unknown

* Details given to these events might be claims by the threat actors.

Q3 2023

Company / Country	Industry	Details*	Attack Vector	Threat Group
BAZAN Group/Israel	Energy, Oil	The cyberattack caused website disruptions and exposed SCADA systems.	Vulnerability Exploit	Cyber Avengers
Activision/USA	Video Games	Modern Warfare 2 (MW2) servers were taken offline due to a worm.	Malware	Unknown
NATO COI	Political/Defense	ATO’s Communities of Interest (COI) Cooperation Portal was allegedly hacked.	Data Theft	SiegedSec
Alphapo	Cryptocurrency	Over $60 million was drained from hot wallets in cryptocurrencies.	Wallet Exploit	Lazarus
CoinsPaid	Cryptocurrency	CoinsPaid reported a $37.2 million cyber attack.	Malware	Lazarus
Ministry of Health and Population/Egypt	Government Agency	Threat actor claimed to have acquired 2 million data records.	Unknown	Unknown
Tampa General Hospital/USA	Healthcare	Security breach compromised patient data of up to 1.2 million patients.	Network Breach	Unknown
HCA Healthcare/USA	Healthcare	Potential theft of 11 million patients’ data offered for sale on a cybercrime forum.	Data Breach	Unknown
Directorate General of Immigration/Indonesia	Government Agency	Hacktivist offered personal information of 35 million Indonesian passport holders on the dark web.	Data Leak	Bjorka
Multichain	Cryptocurrency	Cyberattack led to theft of over $125 million in cryptocurrency.	Fraudulent Transactions	Unknown
Nickelodeon	Entertainment	Nickelodeon confirmed the leak of 500GB of files.	Unauthorized Access	Unknown
Poly Network	Cryptocurrency	The attackers made off with approximately $42 billion worth of cryptocurrency.	Fraudulent Transactions	Unknown
Microsoft	Technology	Anonymous Sudan claimed to hack Microsoft, but Microsoft denied legitimacy of the data.	Data Theft	Anonymous Sudan
Exactly Protocol	Cryptocurrency	The company acknowledged the theft of $7.3 million worth of ETH.	Unknown	Unknown
Duolingo/Global	Online Education	A data breach has exposed the private details of 2.6 million Duolingo users.	Data Scraping	Unknown
Discord.io	Software	Data breach of the third-party app affected 760K Discord users.	Unknown	Akhirah
IBM	Technology	IBM’s MOVEit hack led to 14M individuals’ health data being compromised.	Vulnerability Exploit	Clop Ransomware
Fukushima Power Plant/Japan	Energy	21 websites linked to the power plant was attacked in operation “Tango Down.”	DDoS	EUTNAIOA/Anonymous Italia Collective
Colorado Department of Higher Education (CDHE)/USA	Education	CDHE revealed a major data breach following a ransomware attack in June.	Ransomware	Unknown
Mom’s Meals/USA	Food and Beverage/Healthcare	Data breach impacted a total of 1,237,681 individuals.	Ransomware	Unknown
Multiple Banks/Italy	Financial	NoName has claimed cyberattacks on Italian banks, businesses, and government agencies.	DDoS	NoName057(16)
Salesforce	Software	Attackers leveraged a Salesforce feature to gain control of @salesforce[.]com addresses.	Vulnerability Exploit	Unknown

* Details given to these events might be claims by the threat actors.

Q2 2023

Company / Country	Industry	Details*	Attack Vector	Threat Group
3CX / Global	Telecommunications	A supply chain attack led to another, it started by a malware infected package on Trading Technologies’ website.	Supply Chain Attack	UNC4736
American Bar Association / Global	Legal	A hacker obtained older credentials of 1.4 million members from ABA’s network.	Unauthorized Access	Unknown
Hundred Finance / Global	Cryptocurrency	DeFi protocol Hundred Finance hacked, loses $7M in assets.	Flash Loan Attack	Unknown
Bitrue / Global	Cryptocurrency	Bitrue hot wallet exploit resulted in $23M theft.	Wallet Exploit	Unknown
Hyundai / France, Italia	Automotive	Hackers gained access to information of French and Italian Hyundai customers who booked test drives.	Unauthorized Access	Unknown
Yum! Brands / UK	Foodservice	The company reported data breach and temporarily shut down 300 restaurants in the UK.	Ransomware	Unknown
Yellow Pages Group / Global	Media	The publisher’s confidential documents were leaked.	Ransomware	Black Basta Ransomware
Skolkovo Foundation / Russia	Technology	Ukrainian hacktivists gained access to certain information systems, including the organization’s file-hosting service on physical servers.	Unauthorized Access	SUDO RM-RF
RaidForums	Forum	The administrator of Exposed leaked the RaidForums database for nearly 479,000 members’ information.	Unknown	Impotent
Jimbos Protocol	Cryptocurrency	Due to exploitation of a liquidity conversion vulnerability, 4,000 ETH ($7.5 million) was lost.	Vulnerability Exploit	Unknown
MCNA Dental	Healthcare Insurance	Company discovered and reported a data breach that affected nearly 9 million patients.	Unauthorized Access	LockBit
Luxottica / Global	Retail	Hackers exposed the personal information of over 70 million customers.	Ransomware	Unknown
Bank Syariah Indonesia (BSI) / Indonesia	Finance	LockBit released 1.5 terabytes of personal and financial data obtained from BSI.	Ransomware	LockBit
PharMerica / USA	Healthcare Retail	PharMerica encountered a significant data breach impacting 5.8 million patients.	Unauthorized Access	Money Message
Discord / Global	Communication	Discord has revealed a data breach resulting from the compromise of a third-party customer service agent’s account.	Third-Party Data Breach	Unknown
Fullerton India / India	Finance	LockBit has released 600 gigabytes of critical data stolen from Fullerton India.	Ransomware	LockBit
Brightline / USA	Healthcare	Brightline confirmed a data breach due to vulnerable GoAnywhere MFT service, 783,606 individuals’ PHI was stolen.	Vulnerability Exploit	Clop
Level Finance	Cryptocurrency	Hackers exploited a smart contract vulnerability in Level Finance, stealing 214,000 LVL tokens.	Vulnerability Exploit	Unknown
HWL Ebsworth	Legal	BlackCat ransomware hacked HWL Ebsworth and stole 4TB of company data.	Ransomware	BlackCat (ALPHV)
TSMC / Taiwan	Semiconductor Manufacture	Demanding a $70 million ransom, LockBit threatens to leak alleged data unless TSMC pays.	Ransomware	National Hazard Agency (LockBit)
Shell / Global	Energy	Clop ransomware targeted Shell in MOVEit attacks.	Ransomware	Clop
Fort Worth Government / USA	Public	Hackers stole 180GB data from the website of Fort Worth.	Data Breach	SiegedSec
CalPERS / USA	Public	Data breach affected approximately 769K retired California employees and beneficiaries.	Ransomware	Clop
University of Manchester / UK	Education	Threat actors claim to have stolen 7 TB of data during the attack.	Ransomware	Unknown
Onix Group / USA	Real Estate	Attackers accessed 319,500 patients’ and employees’ information during a ransomware attack.	Ransomware	Unknown
DBSA / Southern Africa	Finance	The Development Bank of Southern Africa (DBSA) was targeted in a cyberattack.	Ransomware	Akira
Zacks Investment Research	Investment	Zacks experienced another data breach, impacting 8.8 million customers.	Data Breach	Unknown
Intellihartx / USA	Healthcare Revenue Management	Intellihartx notified 490K individuals of data compromise in GoAnywhere zero-day attack.	Ransomware	Clop
Atomic Wallet	Cryptocurrency	Atomic Wallet was hacked, stolen crypto value exceeds $35M.	Unknown	Unknown
Enzo Biochem / USA	Biotechnology	PHI of 2.5 million individuals in the US was stolen in a cyber attack.	Ransomware	Unknown

* Details given to these events might be claims by the threat actors.

Q1 2023

Company / Country	Industry	Details*	Attack Vector	Threat Group
T-Mobile / Global	Telecommunication	A threat actor used a T-Mobile API to gain access to 37 million active customer accounts’ personal information.	Unauthorized Access	Unknown
Deezer / Global	Music Streaming	Threat actors leaked 250M+ Deezer users’ information.	Third Party	Unknown
Zacks Investment Research	Investment	Hackers broke into the Zacks Investment Research business and obtained access to 820,000 customers’ private and sensitive information.	Unauthorized Access	Unknown
Cellebrite / Israel	Digital Intelligence	Threat actors stole 1.7TB of data, including Cellebrite’s software and other documentation.	Unauthorized Access	Unknown
RailYatri / India	Travel	31 million entries of the Indian train ticket platform were leaked on a hacker forum.	Misconfiguration	Unknown
Regal Medical Group / Southern California	Healthcare	PII and PHI of over 3 million patients were stolen in the ransomware attack.	Ransomware	Unknown
AT&T / Global	Telecommunications	AT&T has announced that approximately 9 million customers were affected by a data breach.	Third-Party Breach	Unknown
Akamai / Asia-Pacific (APAC)	Unknown	Akamai mitigated a DDoS attack that peaked at 900.1 Gbps and 158.2 million PPS.	DDoS	Unknown
Euler Finance / Global	Cryptocurrency	Euler Finance crypto lending platform was hacked for $197 million in crypto.	Flash Loan Attack	Jacob
Independent Living Systems / USA	Healthcare	ILS reported a data breach that affected 4.2 million individuals.	Unauthorized Access	Unknown
Latitude Financial / Australia	Finance	Data breach of Latitude Financial resulted in theft of 14 million customer records.	Unauthorized Access (Employee Credentials)	Unknown
TMX Finance / USA	Finance	TMX Finance and its subsidiaries suffered a breach affecting nearly 5 million customers.	Unauthorized Access	Unknown

* Details given to these events might be claims by the threat actors.

Q4 2022

Company / Country	Industry	Details*	Attack Vector	Threat Group
MyDeal / Australia	Retail	Woolworths’ MyDeal subsidiary reported a data breach impacting 2.2 million customers. The hacker was attempting to sell the stolen information on a hacker forum.	Unauthorized Access	Undetermined
Bundeskriminalamt (BKA) / Germany	Finance	The Bundeskriminalamt (BKA) of Germany detained a person (age 24) and two alleged collaborators after they were suspected of stealing €4,000,000 from online users through phishing attacks.	Phishing	Unknown
Kingfisher / UK	Retail	The LockBit ransomware organization claimed the theft of 1.4 TB of Kingfisher’s data, including the personal information of its workers and clients.	Ransomware	LockBit
Medibank / Australia	Healthcare	The unidentified hackers claim to have 200 gigabytes of data from Medibank, an Australian private health insurer with about 3.9 million clients in a nation of about 25 million.	Ransomware	Undetermined
Aarti Drugs / India	Healthcare	The BianLian ransomware organization exposed Aarti Drugs’ private information on a dark web forum.	Ransomware	BianLian
Wynncraft Minecraft Server	Video Games	Cloudflare announced that it has successfully stopped a 2.5 Tbps distributed denial-of-service (DDoS) attack by a Mirai botnet, targeted at the Wynncraft Minecraft server.	DDoS	Mirai Botnet
Concorsi Sanitari Integral / Barcelona	Healthcare	RansomExx ransomware gang leaked a 52-gigabyte file on the dark web, which contained information stolen from the Consorci Sanitari Integral.	Ransomware	RansomExx
Tata Power / India	Power Industry	A leading power-producing company in India, Tata Power, has confirmed becoming the victim of a cyberattack.	Ransomware	Hive
Whoosh / Russia	Transportation	The Russian scooter rental service Whoosh has reported a data breach after hackers started to sell a database containing the personal information of 7.2 million users on a hacking forum.	Data Leak	Undetermined
Banks and Telecommunication Services / Africa	Finance, Telecommunication	A threat group known as OPERA1ER has used hacking tools to steal at least $11 million from African banks and telecommunications service providers.	Network Breach	OPERA1ER
Medibank / Australia	Healthcare	About 9.7 million customers’ private information, as well as those of some of their authorized representatives, were accessed. Medibank refused to pay ransom.	Ransomware	REvil
AirAsia / Malaysia	Airline	Daixin ransomware group leaked sample data from Malaysian airline AirAsia. They allegedly gained access to the information of the company’s employees and 5 million passengers.	Ransomware	Daixin
Deribit	Cryptocurrency	Deribit exchange reported that its hot wallet had been compromised. After suffering a $28 million hot wallet hack, the exchange stopped accepting withdrawals.	Unauthorized Access	Unknown
Continental / Germany	Tire Manufacture	LockBit ransomware gang hacked Continental, stealing approximately 40TB of data. The data is said to have been listed for sale after Continental refused to pay the ransom.	Ransomware	LockBit
The Indian Railways / India	Transportation	The Indian Railways experienced a data breach on December 27 that resulted in the theft of the personal information of about 30 million people. The data was listed for sale on the dark web.	Unauthorized Access	Shadohacker
BTC.com	Cryptocurrency	The biggest cryptocurrency mining pool, BTC.com, reported being the target of a cyberattack that stole digital assets worth about $3 million.	Undetermined	Unknown
Twitter	Social Media	A threat actor shared 400 million Twitter user records on a dark web forum tracked by SOCRadar in December.	Vulnerability Exploit	Unknown
Okta / USA	Software	Private GitHub repositories of Okta were compromised, resulting in the theft of source code.	Unauthorized Access	Unknown
Gemini	Cryptocurrency	Personal information of 5.7 million Gemini cryptocurrency exchange customers was compromised after an unnamed third-party was victimized by an unauthorized threat actor.	Third-Party Data Breach	Unknown
Centers for Medicare and Medicaid Services of HHS / Global	Healthcare	254,000 beneficiaries were informed that their data had been compromised due to a ransomware attack on a third-party vendor.	Ransomware	Unknown

* Details given to these events might be claims by the threat actors.

Q3 2022

Company / Country	Industry	Details*	Attack Vector	Threat Group
Shields Health Care Group / U.S.A.	Healthcare	Shields Health Care Group suffered a cyber crisis that affected the personal data of nearly 2 million patients.	Unauthorized access	Undetermined
University of Pisa / Italy	Education	The criminals issued a ransom note for Saturday’s attack, giving the university administration until June 16 to pay $4.5 million.	Unauthorized access	Blackcat
Akamai / Eastern Europe	Unknown	On September 12, Akamai stopped a distributed denial-of-service attack that set a new record with 704.8 Mpps traffic per minute.	DDoS	Unknown
Wintermute	Cryptocurrency	Hackers stole $162 million from the DeFi section of Wintermute’s platform by exploiting a bug in Profanity	Vulnerability Exploit	Unknown
Rockstar Games	Video Games	Rockstar Games was subject to a network breach. GTA 5 and 6 source code and assets, and GTA 6 testing videos were claimed to be stolen.	Unauthorized access	TeaPot
Uber / U.S.A.	Transportation	Uber’s internal IT system was breached and the hacker gained access to critical company data as well as vulnerability reports from HackerOne.	Unauthorized access	TeaPot
European Union Citizens/ Ukraine	Healthcare	Hacker gang responsible for data theft of 30 million people sold the accounts on the dark web for UAH 14 million.	Malware infection	Unknown
Military and Police Organizations / Central America	Military	Hacking gang released 10TB of military emails and information in Chile, Mexico, El Salvador, Columbia and Peru.	Undetermined	Guacamaya
Indian Citizens / Republic of India	Finance	Chinese scammers allegedly stole $529 million from Indian citizens by exploiting instant lending apps, employment offers, and fake cryptocurrency trading schemes.	Phishing	Unknown

* Details given to these events might be claims by the threat actors.

Q4 2021

Company / Country	Industry	Details*	Attack Vector	Threat Group
Twitch / Global	Live Streaming Service	On hacker forums, a torrent link to a 125GB archive containing data allegedly stolen from roughly 6,000 internal Twitch Git repositories is shared	Misconfigured server	Undetermined
JVCKenwood / Japan, Global	Electronics	The ransomware group claimed to have stolen 1.7 TB of data	Unauthorized access	Conti

* Details given to these events might be claims by the threat actors.

Q3 2021

Company / Country	Industry	Details*	Attack Vector	Threat Group
MyRepublic / Singapore, New Zealand, and Australia	Telecommunication/ISP	Personal information data of 80K mobile subscribers are exposed	Access through a third-party data storage platform	Unknown
Yandex / Russia	Technology Solutions and Search Engine Provider	DDoS attacks with 21.8 million requests per second (world record so far)	DDoS attack	Mēris Botnet
Fortinet / USA	Cybersecurity Solution Provider	500 Fortinet VPN credentials are leaked	Ransomware	Groove
Bangkok Airways / Thailand	Airline	6TB data stolen by using credentials leaked from breached Accenture systems	Ransomware	LockBit 2.0
Neiman Marcus / USA	Luxury Retail	Neiman Marcus sent notices of a data breach (online account credentials) to 4.3 million customers. The data breach started in May 2020 until it was discovered in September 2021	Undetermined	Undetermined
Microsoft Exchange Autodiscover Bug / Global	IT	A bug in the Microsoft Exchange Autodiscover leaked around 100,000 credentials for Windows domains worldwide	N/A	Guardicore’s AVP of Security Research discovered the bug

* Details given to these events might be claims by the threat actors.

Q2 2021

Company / Country	Industry	Details*	Attack Vector	Threat Group
Colonial Pipeline / USA	Oil	Affected its computerised equipment managing the pipeline, disrupting the fuel supply to most of the US East Coast for days	Ransomware	DarkSide
CNA / USA	Finance	Majority of policyholder data impacted	Ransomware	Phoenix Locker
Brenntag / Germany	Chemical distribution	Stolen 150 GB of data	Ransomware	DarkSide
LinkedIn / USA	Social Media	500 M accounts leaked	Data Breach	Unknown
Facebook / USA	Social Media	Impacted 533 Million Users	Data Breach	Unknown
University of California Schools / USA	Education	Copied and transferred UC files by exploiting a vulnerability in Accellion’s file transfer service	Ransomware	Unknown
Washington DC Police Department / USA	Government	Leak of 250 GB data that includes the PII of confidential informants, persons of interests, and employees	Ransomware	Babuk
The Scripps Health / USA	Health	Stolen all patient records (a half-million patients per year through 2,600 affiliated physicians)	Ransomware	Ryuk
The Health Service Executive (HSE) / Ireland	Government	Stolen 700 GB of data	Ransomware	ContiLocker
JBS Foods / Brazil	Food	Unknown	Ransomware	REvil
McDonalds	Fast food	Exposed all U.S. business information, customer data in South Korea and Taiwan	Data Breach	Unknown

* Details given to these events might be claims by the threat actors.

Q1 2021

Company / Country	Industry	Details*	Attack Vector	Threat Group
Channel Nine / Australia	Television/Broadcasting	Broadcasting and publishing systems were rendered unable	Cyber espionage	Unknown
Harris Federation / UK	Education	Temporarily disabled the devices and email systems, resulting in over 37,000 students being unable to access their coursework	Ransomware	Unknown
CNA Financial / USA	Insurance		Ransomware	Evil Corp.
Kia Motors / South Korea	Automobile	Apps, phone services, payment systems, owner’s portal and internal sites are impacted	Ransomware	DoppelPaymer
Bonobos / USA	Retail	70 GB SQL database leaked	Data Breach	ShinyHunters
Bangkok Airways / Thailand	Airline	6 TB data stolen by using credentials leaked from breached Accenture systems	Ransomware	LockBit 2.0
Florida Water System / USA	Supply Chain	Attempted to Poison Water Supply in Florida	Data Breach	Unknown
Microsoft’s Exchange Server / USA	Software	Expose millions of users worldwide	Zero-day exploits	Unknown
Bombardier / Canada	Aerospace	Confidential data of customers, suppliers and employees compromised	Data Breach	Unknown
Acer / Taiwan	Electronics	Acer Suffered the Highest Ransom Demand in History of $50 Million	Ransomware	REvil
University of the Highlands and Islands (UHI) / UK	Education	Caused disruption to services	Unknown	Unknown
Sierra Wireless / Multinational	Electronics	Internal operations disrupted	Ransomware	Unknowns
Accellion / China	Supply Chain	Customer data being stolen or compromised	Zero-day exploits	FIN11

* Details given to these events might be claims by the threat actors.