Cyber Attack Map 2021/2022
konbriefing.com
Bert Kondruss
Bert Kondruss
Cyber security expert
Founder and Managing Director of KonBriefing.com

Do you have questions? Send me an email
ContactBert Kondruss LinkedInBert Kondruss Xing

IT security: List of ransomware attacks and cyber attacks in 2021/2022

Who is affected? Which companies were hit by cyber attacks? The following is an overview of known cases from 2021/2022. The number of unreported cases is likely to be very high, because many victims do not go public for fear of reputational damage.

Recently added / latest cyber attacks

With date of the incident
 

List of ransomware and cyber attacks 2022

 
14 January 2022
Cyber attack on a payroll and accountancy company in the UK
Brookson Group, Warrington, England, United Kingdom
https://www.linkedin.com/posts/andrewfah...
January 2022
Cyber attack on a fund provider in Austria
Superfund, Vienna, Austria
10 January 2021
Cyber attack on school in Germany
Evangelische Schule St. Marien, Neubrandenburg, Mecklenburg-Vorpommern, Germany
https://www.nordkurier.de/neubrandenburg...
4 January 2022
Ransomware at an insurance company in Germany
Unfallkasse Thüringen (UKT), Gotha, Thuringia, Germany
All servers have been encrypted.
https://www.ukt.de/unser-service/aktuell...
4 January 2022
Ransomware at a hoster for school websites in the USA
Finalsite, Glastonbury, Connecticut, USA
https://www.finalsite.com/about-finalsit...
 

List of ransomware and cyber attacks 2021

 
28 December 2021
Cyber attack on bus operator in Iceland
Strætó, Reykjavík, Iceland
https://www.icelandreview.com/news/strae...
25 December 2021
Cyber attack on measurement technology company in Göttingen
Mahr Gruppe, Göttingen, Lower Saxony, Germany
https://www.goettinger-tageblatt.de/Nach...
December 2021
Cyber attack on a US printing company
RR Donnelley, Chicago, Illinois, USA
https://www.sec.gov/ix?doc=/Archives/edg...
December 2021
Data of 700,000 Albanians published on the Internet
Albania
https://m.faz.net/aktuell/politik/auslan...
23 December 2021
Cyber attack on Italian fashion company
Moncler S.p.A., Milano, Italy
https://d2jb2t40p81ydg.cloudfront.net/wp...
21 December 2021
Cyber attack on a Norwegian agricultural cooperative
Nortura SA, Oslo, Norway
https://www.nortura.no/nyheter/oppdateri...
21 December 2021
Cyber attack on a hospital in Canada
Arnprior Regional Health, Arnprior, Ontario, Canada
https://www.arnpriorregionalhealth.ca/un...
20 December 2021
Ransomware at healthcare software provider
CompuGroup Medical SE & Co. KGaA (CGM), Koblenz, Rhineland-Palatinate, Germany
https://www.cgm.com/deu_de
20 December 2021
Cyberattack on the Gloucester City Council
Gloucester City Council, Gloucester, England, United Kingdom
https://www.gloucester.gov.uk/media/5711...
19 December 2021
Cyber attack on French IT service provider
Inetum, Saint-Ouen, France
https://www.inetum.com/en/press/cyberatt...
16 December 2021
Email server of the social housing office of the department of Aisne in France hacked
OPAL - Office Public de l'Habitat de l'Aisne, Laon, Départements Aisne, France
16 December 2021
Cyber attack on car tuner
Manhart Performance GmbH & Co. KG, Wuppertal, North Rhine-Westphalia, Germany
As a result, emails with malicious content are sent.
https://manhart-performance.de/en/import...
December 2021
Data leak at French video game provider
Ubisoft, Montreuil, Seine-Saint-Denis, France
https://discussions.ubisoft.com/topic/12...
14 December 2021
Cyber attack on a secondary school in England
West Lakes Academy, Egremont, Cumbria, England, United Kingdom
https://www.newsandstar.co.uk/news/19784...
December 2021
Cyber attack on dental practice in Düsseldorf, Germany
Pluszahnärzte, Düsseldorf, Germany
https://www.diepluszahnaerzte.de/
10 December 2021
Cyberattack on Brazilian Ministry of Health
Ministério da Saúde, Brasilia, Brazil
https://www.gov.br/saude/pt-br/assuntos/...
10 December 2021
Cyber attack on supplier of technical springs in France
Ressorts Masselin, Le Petit-Quevilly, Normandy, France
6 December 2021
Ransomware at a community college in Tennessee
Pellissippi State Community College, Knoxville, Tennessee, USA
https://www.tbr.edu/pellissippi-state-up...
December 2021
Hackers defraud UK IT company of £365,000
Silver Bullet Data Services Group plc, London, United Kingdom
https://otp.tools.investis.com/clients/u...
4 December 2021
Hackers capture $200 million from the BitMart crypto exchange
(Location unknown)
https://support.bmx.fund/hc/en-us/articl...
3 December 2021
DDoS attack on Catalan autonomy administration websites
Generalitat de Catalunya, Barcelona, Spain
https://www.elperiodico.com/es/sociedad/...
1 December 2021
Cyber attack on the public utility company of Pirna, Germany
Stadtwerke Pirna, Pirna, Saxony, Germany
https://www.stadtwerke-pirna.de/
 
29 November 2021
Malware on mail server of a hospital association in Germany
Bayerische Krankenhausgesellschaft e.V., Munich, Bavaria, Germany
https://www.bkg-online.de/
28 November 2021
Hacker attack on Brazilian economic development agency
ApexBrasil, Brasilia, Brazil
https://www.metropoles.com/colunas/guilh...
26. November 2021
Ransomware at logistics service provider in Hong Kong
Kerry Logistics Network Limited (KLN), Hong Kong, People's Republic of China
https://www.kerrylogistics.com/media/pvg...
November 2021
Philadelphia online store operator cheated out of $30,000 in revenue
Ali's Wagon, Philadelphia, Pennsylvania, USA
The money was diverted to a bank account of the scammers.
https://6abc.com/cyber-attack-online-the...
20 November 2021
Cyber attack on a testing, inspection and certification company
Bureau Veritas, Paris, France
https://group.bureauveritas.com/newsroom...
15 November 2021
Cyber attack on technology provider in Germany
Basler AG, Ahrensburg, Schleswig-Holstein, Germany
https://www.baslerweb.com/de/unternehmen...
13 November 2021
Cyber attack on HR software in Australia
Frontier Software Australia, Australia
Among others, the records of at least 38,000 South Australia government employees were stolen.
https://au.frontiersoftware.com/news-and...
11 November 2021
Ransomware at an IT company in Germany
KISTERS AG, Aachen, North Rhine-Westphalia, Germany
https://www.kisters.de/
Oktober/November 2021
Unauthorized access to data of a specialty pharmacy
BioPlus Specialty Pharmacy Services, LLC, Altamonte Springs, Florida, USA
https://bioplusrx.com/cyber-incident/
7 November 2021
Cyberattack on a local electricity provider in Colorado
DMEA, Montrose, Colorado, USA
https://www.dmea.com/dmea-internal-netwo...
1 November 2021
Unauthorized access at the Monterey Peninsula Unified School District
Monterey Peninsula Unified School District, Monterey, California, USA
https://oag.ca.gov/system/files/Monterey...
 
28 October 2021
Cyber attack on a travel company in Germany
FTI Group, Munich, Bavaria, Germany
https://www.fti-group.com/de/presse/pres...
27 October 2021
Cyber attack on a municipal data center in the Bologna region, Italy
Unione Terre di Pianura, Bologna, Emilia-Romagna, Italy
This caused the IT of 6 municipalities to fail.
https://www.terredipianura.it/it-it/avvi...
27 October 2021
Approximately $130 million stolen from cryptocurrency platform
Cream Finance
https://twitter.com/CreamdotFinance/stat...
October 2021
Cyberattack on transit authority in Ann Arbor, Mich.
Ann Arbor Area Transportation Authority "TheRide", Ann Arbor, Michigan, USA
https://www.theride.org/about/news/theri...
21 October 2021
Malware at a state authority in Mecklenburg-Western Pomerania, Germany
Landesamt für innere Verwaltung (LAiV), Schwerin, Mecklenburg-Western Pomerania, Germany
https://www.zeit.de/news/2021-10/21/scha...
October 2021
Unauthorized access to a hospital booking system in Singapore
Agape CP Holdings Pte. Ltd., Singapore, Unauthorized access, Singapore
The booking system is operated by a service provider, affected patients include those at Fullerton Health.
https://www.fullertonhealth.com/sg/third...
20 October 2021
Malware at Swiss trade fair and event agency
MCH Group AG, Basel, Switzerland
https://www.mch-group.com/en/news/2021/c...
18 October 2021
Cyber attack on Italian copyright collecting agency
Società Italiana degli Autori ed Editori, Roma, Italy
60 GBytes of data were stolen, including personal data and bank account information. In some cases, affected artists were contacted directly by the criminals in order to blackmail them with the publication of the data.
18 October 2021
Cyber attack on IT service provider of Mecklenburg-Western Pomerania state administration
DVZ Datenverarbeitungszentrum Mecklenburg-Vorpommern GmbH, Schwerin, Mecklenburg-Western Pomerania, Germany
This caused IT outages in several city administrations.
https://www.zeit.de/news/2021-10/18/schw...
17 October 2021
Malware / Ransomware at Healthcare Provider in Los Angeles
Planned Parenthood Los Angeles (PPLA), Los Angeles, California, USA
https://www.plannedparenthood.org/planne...
15 October 2021
Ludwigslust-Parchim county, Germany, affected by malware
Ludwigslust-Parchim county administration, Parchim, Mecklenburg-Western Pomerania, Germany
The administration's IT service provider fell victim to a ransomware attack.
https://www.kreis-lup.de/Kurzmen%C3%BC/S...
15 October 2021
Municipal administration of Neustadt-Glewe, Germany, affected by hacker attack
Neustadt-Glewe, Mecklenburg-Western Pomerania, Germany
The administration's IT service provider fell victim to a ransomware attack.
https://www.neustadt-glewe.de/Kurzmen%C3...
15 October 2021
Ransomware at municipal IT service provider in Germany
Kommunalservice Mecklenburg AöR (KMS), Schwerin, Mecklenburg-Western Pomerania, Germany
This caused outages in several municipal administrations and businesses in the area.
October 2021
Cyber attack on an outfitter of luxury yachts, private jets and residences
Vedder GmbH, Lüdinghausen, North Rhine-Westphalia, Germany
https://www.wn.de/muensterland/kreis-coe...
October 2021
Cyber attack on a trust company in Switzerland
Switzerland
From citizens of the cantons of Zurich, Schwyz and Zug, tax declarations are published on the Darknet.
https://www.nau.ch/news/schweiz/erpresse...
14 October 2021
Hacker attack on social and health care company in Liguria, Italy
Azienda sociosanitaria ligure 2 (Asl2), Savona, Liguria, Italy
https://www.lastampa.it/savona/2021/10/1...
11 October 2021
Cyberattack on the largest private bank in Ecuador
Banco Pichincha, Quito, Ecuador
In a statement, the bank writes that the affected systems have been isolated and that the branch network and ATMs for cash withdrawals and debit and credit card payments are operational.
https://informacion.pichincha.com/
09/10 October 2021
Ransomware at a theater in Winterthur, Switzerland
Casinotheater Winterthur, Winterthur, Switzerland
Affected is the communication via e-mail and a planning tool.
https://www.facebook.com/casinotheater/
10 October 2021
Cyber attack on a fiduciary company in Switzerland
GRF Sociétés fiducaire SA, Morges, Vaud, Switzerland
The company works for several municipalities.
https://www.derbund.ch/neue-cyber-attack...
3 October 2021
Ransomware at logistics company in Wisconsin
Marten Transport Ltd., Mondovi, Wisconsin, USA
https://www.sec.gov/ix?doc=/Archives/edg...
2 October 2021
Ransomware attack on a university in Maryland, USA
Washington Adventist University (WAU), Takoma Park, Maryland, USA
https://www.wau.edu/wau-ransomware-attac...
2 October 2021
Cyber attack on a hospital in Franklin, Indiana
Johnson Memorial Health, Franklin, Indiana, USA
https://www.johnsonmemorial.org/
2021
The University of Mpumalanga in South Africa averts a cyber scam
University of Mpumalanga (UMP), Mbombela, Mpumalanga, South Africa
As a result of the successful defense, the university lost only 3000 Rand (200 US Dollars) instead of potentially 100 million Rand (6.7 millon US Dollars)
https://www.itweb.co.za/content/Kjlyrvw1...
1 October 2021
DDoS attack on the websites of a professional training agency in Switzerland
Schweizerisches Dienstleistungszentrum Berufsbildung | Berufs-​, Studien-​ und Laufbahnberatung (SDBB), Bern, Switzerland
(Outage of all web sites)
https://www.sdbb.ch/ueber-uns/news/detai...
 
30 September 2021
Ransomware attack on a media company in Pennsylvania
LNP Media Group Inc., Lancaster, Pennsylvania, USA
https://news.yahoo.com/more-learned-lnp-...
Email of a mayor in England hacked, used to ask others for money
Workington, Cumbria, England, United Kingdom
The Workington mayor's private email account was hacked, used to solicit money from other members of the city council.
https://www.newsandstar.co.uk/news/19617...
28 September 2021
Ransomware at the Wismar public utility company
Stadtwerke Wismar GmbH, Wismar, Mecklenburg-Vorpommern, Germany
https://www.stadtwerke-wismar.de/de/Unte...
28 September 2021
Ransomware at school district in Texas
Lufkin Independent School District (ISD), Lufkin, Texas, USA
https://www.kltv.com/2021/09/28/lufkin-i...
23 September 2021
Cyber attack on school district in Texas
Allen Independent School District (Allen ISD), Allen, Texas, USA
https://www.nbcdfw.com/news/local/allen-...
21 September 2021
Ransomware at a healthcare provider in New Hampshire.
Coos County Family Health Services, Berlin, New Hampshire, USA
http://coosfamilyhealth.org/
20 September 2021
Hacker attack on real estate company in California
Marcus & Millichap, Inc, Calabasas, California, USA
https://www.sec.gov/ix?doc=/Archives/edg...
20. September 2021
Data breach at French shipping company
CMA CGM S.A., Marseille, France
https://www.cma-cgm.com/news/3941/data-s...
19 September 2021
Ransomware attack on a Minnesota agriculture company
Crystal Valley, Mankato, Minnesota, USA
https://crystalvalley.coop/about-us/news...
September 2021
Cyber attack on manufacturer of drainage technology in Bavaria, Germany
Kessel AG, Lenting, Bavaria, Germany
https://www.donaukurier.de/nachrichten/w...
17 September 2021
Ransomware attack on the government of the Indian state of Tamil Nadu
Tamil Nadu Public Department, Fort St. George, Chennai, Tamil Nadu, Indien
September 2021
Cyber attack on a television station in Brazil
SBT Brasil, Osasco, São Paulo, Brazil
14 September 2021
Cyberattack on a hospital in Kansas, USA
Mowery Clinic, Salina, Kansas, USA
https://moweryclinic.com/notice-of-data-...
12 September 2021
Cyber attack on US technology provider
TTEC Holdings, Inc., Englewood, Colorado, USA
https://www.ttec.com/newsroom/press-rele...
11 September 2021
Data breach at Missouri teachers' pension fund
Public School and Education Employee Retirement Systems (PSRS/PEERS), Jefferson City, Missouri, USA
https://www.ai-cio.com/news/missouri-tea...
09 September 2021
Website of the Brazilian health agency ANVISA hacked
The website of the Agência Nacional de Vigilância Sanitária was hacked, demonstrating Argentine flags, presumably motivated by the controverse intervention in the Brazil-Argentina soccer match.
3 September 2021
Ransomware at a private university in Washington, D.C.
Howard University, Washington, D.C., USA
Affected is the Howard University.
https://newsroom.howard.edu/newsroom/art...
3 September 2021
Cyberattack on transit company in Quebec, Canada
Société de transport de l'Outaouais (STO), Gatineau, Quebec, Canada
https://www.ledroit.com/actualites/cyber...
1 September 2021
Hacker attack on the University of Colorado Boulder
University of Colorado Boulder, Boulder, Colorado, USA
The attack on vulnerability in an Atlassian software leaked personal data of 30,000 former employees and students.
https://www.colorado.edu/today/2021/10/2...
 
30 August 2021
Ransomware at a bank in the USA
Pacific City Bank, Los Angeles, California, USA
The attackers had access to certain customer data.
https://oag.ca.gov/system/files/Sample%2...
August 2021
Hackers grab bank data from customers of a Swiss shipping company
CGN SA, Lausanne, Switzerland
The attack took place via a pop-up on the ticket booking system's website of the CGN SA (Compagnie générale de navigation sur le Lac Léman).
https://www.computerworld.ch/security/ha...
30 August 2021
Cyber attack on a local government area of Melbourne, Australia
City of Stonnington, Melbourne, Australia
Affected is the City of Stonnington, IT systems were shut down.
https://www.heraldsun.com.au/leader/inne...
29 August 2021
Decentralized finance market looted of $4.5 million
Affected is xToken with xSNX.
https://medium.com/xtoken/xsnx-post-mort...
27 August 2021
Ransomware attack on Danish utility company
Kalundborg Forsyning, Kalundborg, Denmark
Kalundborg Forsyning is a utility company headquartered in Kalundborg, Denmark. It was hit by ransomware at the end of August.
https://kalfor.dk/kalundborg-forsyning-r...
27 August 2021
Data breach at children's advocacy group in California
Seneca Family of Agencies, Oakland, California, USA
https://senecafoa.org/notice-of-data-bre...
27 August 2021
Attack with ransomware on a hospital in California
Barlow Respiratory Hospital, Los Angeles, California, USA
https://www.barlowhospital.org/important...
25 August 2021
DDoS attack on Swiss committee for same-sex marriage
ehefueralle.ch, Bern, Switzerland
The attack comes ahead of a referendum scheduled for Sept. 26, 2021.
https://www.ehefueralle.ch/aktuelles/boe...
23 August 2021
Peterborough, New Hampshire defrauded of $2.3 million by cybercriminals
The small town of Peterborough in the northeast of the USA has about 6300 inhabitants. In July and August, it was defrauded of a total of $2.3 million. According to reports, mails with false identities were used to divert upcoming payments to the school district and two contractors to other accounts.
https://www.peterboroughnh.gov/news_deta...
22 August 2021
Educational institution in the Netherlands victim of a cyberattack
Affected is the educational institution ROC Mondriaan
https://www.rocmondriaan.nl/nieuws/2021-...
August 2021
Data breach at Swiss digital platform for businesses
SECO State Secretariat for Economy / EasyGov, Bern, Switzerland
The EasyGov platform allows companies to complete government processes electronically. In August, about 130,000 names of companies that had applied for Covid 19 credit were tapped.
19 August 2021
Cyber attack on Brazilian retail chain
Lojas Renner SA, Porto Alegre, Brazil
Lojas Renner SA is headquartered in Porto Alegre and employs approximately 22,000 people. There were disruptions to operations, no ransom was paid.
https://api.mziq.com/mzfilemanager/v2/d/...
18 August 2021
Ransomware at the health authority of the Tuscany region in Italy
Affected is the Agenzia Regionale di Sanità (ARS) della Toscana in Florence. Only epidemiological and statistical data that can be restored from backups were encrypted.
https://www.ansa.it/toscana/notizie/2021...
16 August 2021
Hackers offer to buy 100 million customer records of US mobile operator
T-Mobile USA confirms a cyber incident.
https://www.t-mobile.com/news/network/cy...
August 2021
Unauthorized access to data from a group of ENT physicians in Texas
Texas ENT, Texas, USA
More than 500,000 records are potentially affected.
Nwp-content/uploads/2021/12/Texas_ENT_Sp...
August 2021
Email accounts of a West Virginia health system hacked
Monongalia Health System, Inc., Morgantown, West Virginia, USA
The intention was to fraudulently divert payments intended for a supplier.
https://www.monhealth.com/Uploads/Public...
15 August 2021
Cyber attack on the data center of the Pakistani tax authority
The point of attack is said to have been the Hyper-V software. Website and systems are down.
https://tribune.com.pk/story/2315712/fbr...
15 August 2021
Cyber attack on a health system in Marietta, Ohio.
Memorial Health System is a not-for-profit health system that operates three hospitals and several other facilities in the Marietta area. A cyberattack took place in the early morning hours of Aug. 15.
http://mhsystem.org/cyberattack
13 August 2021
Ransomware in the network of the Brazilian National Treasury Secretariat
The Secretaria do Tesouro Nacional is part of the Ministry of Economy and has its headquarters in Brasilia.
https://www.gov.br/tesouronacional/pt-br...
12 August 2021
Cyber attack on Swiss hospital group
Olten, Switzerland
Patient data would not be affected. The website states that the group can now only be reached by phone.
https://www.pallas-kliniken.ch/de/news/a...
10 August 2021
Cyberattack on a platform for applying for visas for France
Personal data of the applicants was stolen.
https://www.interieur.gouv.fr/sites/mini...
09 August 2021
Hacker attack on savings bank association
The Savings Banks Association of Baden-Württemberg, Germany, has been the victim of a hacker attack. The criminals threaten to publish internal information and demand a ransom.
https://www.it-finanzmagazin.de/sparkass...
8 August 2021
Ransomware at fertility clinic in Massachusetts
ReproSource, Marlborough, Massachusetts, USA
Data on approximately 350,000 patients may have been disclosed.
https://www.reprosource.com/wp-content/u...
08 August 2021
Cyber attack on construction company in Germany
IT systems at several locations are affected, and work processes are significantly impaired.
https://www.leonhard-weiss.com/cyberatta...
05 August 2021
Leakage of customer data at South Korean offshoot of French luxury brand
Chanel Korea sincerely apologizes for the theft of personal data in a cyber attack.
https://cloud.e-news.chanel.com/privacy_...
August 2021
Rasomware at the Lazio region in Italy
The Lazio region is located in central Italy and includes the city of Rome. With the hacker attack, the Corona vaccination portal is also down. The attack took place via the PC of an employee of an IT company belonging to the region. Later, a leading Italian newspaper wrote that the attack on the region was related to an attack on an external IT service provider, which was denied by the external service provider.
https://www.rainews.it/tgr/tagesschau/ar...
 
July 2021
Ransomware at the city government of Lewiston, Minnesota
City government, Lewiston, Minnesota, USA
https://www.lewistonmn.org/news/
26 July 2021
Hacker attack on housing company in Salford, UK
ForHousing, Salford, United Kingdom
The city of Salford is located in Greater Manchester and has a population of around 73,000. The company ForHousing there was affected.
https://www.forhousing.co.uk/news/import...
July 2021
Cyber attack on IT service provider, waste fee notices tapped
During a cyber attack on an IT service provider, a print file of the waste management company Landkreis Altenkirchen containing 10,000 data records was tapped.
https://www.ak-kurier.de/akkurier/www/ar...
23 July 2021
Facebook page of a French regional newspaper hacked.
The hack at the Le Progrès newspaper was used to promote a terrorist organization.
https://www.leprogres.fr/societe/2021/07...
22 July 2021
Cyber attack on South African state-owned logistics company
Transnet is headquartered in Johannesburg and operates railroads, ports and pipelines.
July 2021
Possible 1 terabyte of data stolen from Saudi oil company
Saudi Aramco is the world's largest oil company, headquartered in Dhahran. The data was apparently stolen from a contractor and parts of it have surfaced on the darknet.
https://www.ft.com/content/272259b0-8e98...
11 July 2021
Cyberattack on group of anesthesiology physicians in Oregon
Oregon Anesthesiology Group, P.C. (OAG), Oregon, USA
Potentially 750,000 records are affected.
https://www.oaginformation.com/
20 July 2021
Cyber attack on French rugby club
Montpellier Hérault Rugby MHR is the rugby club of the city on the Mediterranean coast and plays in the top league. The attack encrypted the data, and the perpetrators are demanding a ransom.
https://twitter.com/MHR_officiel/status/...
https://www.rugbyrama.fr/rugby/top-14/20...
19 July 2021
Data breach due to burglary at mental health care provider in Seattle
Samaritan Center of Puget Sound, Seattle, Washington, USA
https://samaritanps.org/wp-content/uploa...
July 2021
Cyber attack at French research institute
Inserm Transfert is a subsidiary of the l'Institut national de la santé et de la recherche médicale (Inserm)
https://www.lepoint.fr/societe/l-inserm-...
July 2021
Bus operator of an English city affected by cyber attack
Nottingham, United Kingdom
Nottingham City Transport is the city's largest bus operator, and personal data was not affected by the incident.
https://www.nctx.co.uk/nct-it-issues
July 2021
Multi-million dollar cyber fraud at Illinois creditor protection organization
Office of the Special Deputy Receiver (OSD), Chicago, Illinois, USA
Approximately $4 million was stolen.
https://www.govtech.com/security/cyber-a...
July 2021
Facebook stops Iran spying action
As part of an espionage operation, the Facebook platform was used to target individuals working in the military, defense and aerospace sectors, mainly in the US. Social engineering, phishing, identity theft, and malware were used.
https://about.fb.com/news/2021/07/taking...
July 2021
Hacker attack on the city council of Geisenheim, Germany
The Hessian town of Geisenheim is located on the Rhine, about 20 km southwest of Wiesbaden, and has about 11,000 inhabitants. According to initial assessments, the administration will be offline for at least 3 weeks, and 2 or 3 months are expected for the return to normal.
https://www.geisenheim.de/artikel/presse...
July 2021
Targeted attack on experts with a focus on the Middle East
London, United Kingdom
The security service provider Proofpoint has analyzed a targeted attack on experts, professors and journalists with a focus on the Middle East. Access data to various online services was to be tapped via the compromised website of a well-known institute of the University of London. The attack is attributed to Iran.
https://www.proofpoint.com/us/blog/threa...
13 July 2021
Cyberattack on Chicago-area physician group
Affected is the DuPage Medical Group (DMG). According to press reports, potentially 600,000 patients are affected by the data theft.
https://www.dupagemedicalgroup.com/notic...
July 2021
Cyber attack on insurance company from Germany
Haftpflichtkasse VVaG, Darmstadt, Germany
Haftpflichtkasse VVaG from Darmstadt has been affected by a cyber attack and business operations are restricted.
https://www.wiwo.de/it-systeme-hackerang...
July 2021
Canadian consumer electronics provider hit by ransomware
D-BOX Technologies, Longueuil, Quebec, Canada
D-Box Technologies has its headquarters near Montreal in the province of Québec. Numerous systems are affected by the ransomware, and business operations are expected to be significantly disrupted for several days.
https://www.d-box.com/en/blog/2021/07/14...
July 2021
French IT company hit by ransomware
The Keyrus Group has about 3000 employees worldwide, and its turnover in 2020 was about 261 million euros. Presumably, the incident is due to the Kaseya VSA attack.
https://www.keyrus.com/fr/fr/categorie/f...
July 2021
Cyber attack on Anhalt-Bitterfeld county district office in Germany
The county has declared a disaster situation. The work of the administration is severely restricted at all locations.
https://www.anhalt-bitterfeld.de/de/meld...
July 2021
Ransomware at German label printing company after Kaseya attack
Kaseya was installed on all computers by the IT service provider, and the ransomware was brought onto the systems via it.
https://www.swr.de/swraktuell/rheinland-...
July 2021
IT security incident at print-on-demand provider from Germany
Spread Group experienced a cyber attack in which address, contract and bank data were compromised.
https://help.spreadshirt.com/hc/de/artic...
July 2021
Ransomware attack on Swiss online rating platform
Comparis.ch AG, Zurich, Switzerland
Comparis.ch AG operates a large comparison portal and has almost 200 employees. In the attack, IT systems were blocked, the website was down and data was probably stolen.
https://www.comparis.ch/comparis/info/ra...
Cyber attack on Swiss manufacturer of household appliances
V-Zug, Zug, Switzerland
The company V-Zug has its headquarters in Zug. The cyber attack was blocked, so there were no disruptions.
https://www.netzwoche.ch/news/2021-07-28...
July 2021
Cyber attack at New South Wales school authorities in Australia
NSW Department of Education, Parramatta, New South Wales, Australia
Several systems were shut down following a cyberattack. The incident occurred a few days before the start of school term 3.
https://education.nsw.gov.au/news/media-...
July 2021
Several IT service providers in Germany affected by Kaseya incident
According to the BSI, several IT service providers and companies in Germany are affected.
05 July 2021
Data breach in a French laboratory
Personal data of patients was also stolen.
https://www.lab-cerba.com/home/vous-info...
July 2021
Route software at Dutch waste disposal company disrupted after cyber attack
https://cyclusnv.nl/storing-routesoftwar...
July 2021
Ransomware at IT provider in Belgium
ITxx, Antwerp, Belgium
ITxx is a managed service provider in Antwerp. After a ransomware attack, the data of about 50 customers was encrypted. A ransom demand of $1.5 million was initially made, which was later reduced to $300,000. The company paid the ransom as it was the only way to recover the data.
July 2021
Kaseya VSA: IT service provider from the Netherlands affected by ransomware
The IT service provider VelzArt has about 30 employees and is headquartered in the city of Waardenburg in the Dutch province of Gelderland. The company was a user of the Kaseya VSA software and was hit by the world-wide cyber attack. The company has documented the events in detail on its own blog.
https://velzart.nl/blog/ransomeware/
July 2021
Ransomware is distributed via a gap in remote support software
Numerous users of the remote maintenance software are affected.
https://helpdesk.kaseya.com/hc/en-gb/art...
 
June 2021
11 companies in Weiden affected by cyber attacks
Presumably, ransomware was transferred from one company to the next.
https://www.br.de/nachrichten/bayern/hac...
June 2021
Customer data stripped from the computer of a support employee of a large IT company
Microsoft, Redmond, Washington, USA
https://msrc-blog.microsoft.com/2021/06/...
24 June 2021
Possible data breach theft of protected data at health care provider
Metro Infectious Disease Consultants reports that there was unauthorized access to an email account, and as a result there may have been access to the data of more than 171,000 patients.
17 June 2021
Ransomware at a health system in Savannah, Georgia
St. Joseph`s/Candler operates several hospitals and other facilities in the Savannah region, Georgia (USA). Unknown persons had access to the network since December 18, 2020, and launched a ransomware attack.
https://www.sjchs.org/patient-privacy/po...
June 2021
Cyber attack at housing company in the west of France
Deux-Sèvres Habitat is a large social housing rental company in the Deux-Sèvres department in the Nouvelle-Aquitaine region. The computer and telephone systems are affected by the cyber attack.
June 2021
Data theft at major computer games provider
Criminals have stolen large amounts of source code for games from Eletronics Arts and are offering it on the Internet. The attackers boast about how easily they gained access via purchased Slack access tokens and simple social engineering.
https://www.vice.com/en/article/wx5xpx/h...
June 2021
Ransomware at Danish hotel booking system provider
Techotel, Brøndby, Denmark
Detailed blog on how they coped with the attack
https://techotel.dk/driftinfo/
June 2021
Cyber attack on school in Scotland
Brechin High School, Brechin, Scotland, United Kingdom
Brechin is a town with about 7500 inhabitants in the east of Scotland. An outflow of personal data occurred at the high school there.
https://www.thecourier.co.uk/fp/news/loc...
3 June 2021
Ransomware at IT service provider for schools in Kent, UK
Cantium Business Solutions, Kings Hill, Kent, United Kingdom
https://www.brabourne.kent.sch.uk/wp-con...
 
30 May 2021
Ransomware at the municipality of Rolle in Switzerland
The municipality of Rolle in the canton of Vaud is located on Lake Geneva, between Lausanne and Geneva, and has about 5400 inhabitants. The consequences of the attack were initially underestimated.
https://www.nau.ch/news/schweiz/gemeinde...
21 May 2021
Attack on Swiss pharmaceutical company
Siegfried AG is headquartered in Zofingen in the canton of Aargau. Due to the attack, production was down at several sites. Exceptions were the sites in Spain, which have their own network.
https://www.siegfried.ch/siegfried+von+a...
https://www.siegfried.ch/siegfried+%25c3...
19 May 2021
Ransomware at medical lab in Florida
Nationwide Laboratory Services, Boca Raton, Florida, USA
Personal data of potentially 33,000 patients were affected.
https://www.infosecurity-magazine.com/ne...
May 2021
Cyber attack on a university in Glasgow
Glasgow Caledonian University (GCU), Glasgow, Scotland, United Kingdom
https://www.gcu.ac.uk/theuniversity/univ...
May 2021
Cyber attack on French service provider for receivables management
The iQera Group is headquartered in Paris and employs 2300 people.
https://www.iqera.com/fr/communique-de-p...
05 May 2021
Ransomware at Norwegian energy technology provider
Volue ASA is headquartered in Norway and was very open about the cyber attack.
https://www.volue.com/news/update-on-cyb...
May 2021
Ransomware attack on French producer of renewable energy
Albioma is headquartered in Paris and has locations in the French overseas territories.
https://www.albioma.com/wp-content/uploa...
April 2021
Large-scale DDoS attack on Belgian network operator
Belnet, Belgium
The Belgian operator Belnet was the victim of a denial-of-service attack. As a result, political institutions, universities and research facilities were not accessible.
03 May 2021
Malware at refuse disposal district in Berlin, New Hampshire
Androscoggin Valley Regional Refuse Disposal District, Berlin, New Hampshire, USA
https://www.doj.nh.gov/consumer/security...
May 2021
Major US telecom service provider notices 5-year hack
Syniverse Corporation, Tampa, Florida, USA
The unauthorized access began in 2016.
https://www.sec.gov/Archives/edgar/data/...
May 2021
Hacker attack on dairy in Germany
Ehrmann, Oberschönegg, Bavaria, Germany
https://moproweb.de/news/home/hackerangr...
 
April 2021
Ransomware at furniture store in Hesse, Germany
Sommerlad, Gießen, Germany
https://www.sommerlad.de/news/detail/hac...
27 April 2021
Ransomware at the Municipality of Whistler, British Columbia
The Resort Municipality of Whistler (RMOW) is located 78 miles north of Vancover and has about 12,000 inhabitants. It became the victim of a ransomware attack.
https://www.piquenewsmagazine.com/local-...
April 2021
French logistic company hit by cyber attack
Affected companies include Colis Privé and Adrexo. Adrexo is an advertising print distribution company headquartered in Aix-en-Provence with approximately 18,000 employees. The cyberattack received some attention because in January the company had won a contract to distribute election advertising in 51 departments for the regional elections.
April 2021
Compromised emails at patient financing provider
An unauthorized bank transfer was detected and prevented. When the incident was analyzed, it was discovered that unknown persons had accessed the company's email accounts through phishing for over 1.5 months. Personal data of potentially 210,000 people was also exposed in the process.
https://info.clearbalance.org/security_i...
https://apps.web.maine.gov/online/aeview...
April 2021
Cyber attack on US supplier of clear braces
SmileDirectClub, headquartered in Nashville, Tennessee, has 4,000 employees and generated $657 million in revenue in 2020. In an initial assessment, the company expects to lose $10 million to $15 million in revenue due to the disruption in production as a result of the attack. Data and personal information were not leaked, and no ransom was paid.
https://www.sec.gov/Archives/edgar/data/...
April 2021
Cyber incident at medical technology provider headquartered in Sweden
Unauthorized access to cancer registry software in the cloud may have exposed the data of more than 200,000 U.S. patients.
https://www.elekta.com/company/company-u...
April 2021
Data theft at the University of California
University of California
Through a vulnerability in file transfer software.
https://ucnet.universityofcalifornia.edu...
 
March 2021
Defence Academy of the UK, Shrivenham, Oxfordshire, United Kingdom
20 March 2021
Data breach at US media group
Paxton Media Group, Paducah, Kentucky, USA
https://www.doj.nh.gov/consumer/security...
16 March 2021
Ransomware at an Australian hospital operator
Eastern Health, Melbourne, Australia
On March 16, an incident occurred at Eastern Health, which operates several hospitals and facilities in the Melbourne area. Most IT systems were back up and running on April 15, and patient operations returned to normal on April 27.
https://www.easternhealth.org.au/media-e...
12 March 2021
Ransomware at City of Buffalo School District
City of Buffalo School District, Buffalo, New York, USA
https://apps.web.maine.gov/online/aeview...
9 March 2021
Cyber attack on the municipality of Faaborg-Midtfyn, Denmark
Faaborg-Midtfyn, Denmark
http://www.danskekommuner.dk/Nyhedsarkiv...
March 2021
Ransomware in French hospital
The commune of Oloron Sainte-Marie is located near Pau in the department of Pyrénées-Atlantiques, about 30 km from the border with Spain. On March 8, the hospital was hit by ransomware and had to shut down its IT systems. A ransom of $50,000 is being demanded. In July, it is expected that it will take until September to return to normal operations.
March 2021
Targeted attack on authorities in Slovakia
The attack began no later than February 2021 and is attributed to the Russian hacker group, which is also blamed for the SolarWinds attack.
https://www.istrosec.com/blog/apt-sk-cob...
 
28 February 2021
Cyber attack on the University of Millersville, Pennsylvania
Millersville University of Penn., Millersville, Pennsylvania, USA
http://thesnapper.millersville.edu/index...
26 February 2021
Cyberattack on the city government of Kingman, Arizona
The city of Kingman has a population of approximately 28,000. Only a few personal data were stolen as a result of the attack. By April, operations had been restored. The method of the intrusion could not be determined.
24 February 2021
Cyberattack on IT service provider for passenger aviation
SITA Passenger Service System (US) Inc., USA, Georgia, USA
Personal data of passengers of various airlines were stolen, including 4.5 million records of India's Air India.
https://www.sita.aero/pressroom/news-rel...
February 2021
Ransomware at IT service provider in Norway
25 customers are affected. The IT service provider is headquartered in Finland.
https://www.tietoevry.com/en/newsroom/al...
February 2021
Data theft at the transport authority for New South Wales, Australia
Transport for New South Wales (TfNSW), Sydney, New South Wales, Australia
Through a vulnerability in file transfer software.
https://www.zdnet.com/article/transport-...
February 2021
Cyber attack at the French town of Chalon-sur-Saône
The city is located in the east of France between Dijon and Lyon in the department of Saône-et-Loire. It has about 45,000 inhabitants. In February 2021, the administration of the city and the Grand Chalon commune was hit by a cyber-attack, the damage amounts to about 500,000 EUR.
https://www.chalon.fr/actualites-109/cyb...
https://www.lejsl.com/faits-divers-justi...
February 2021
Cyber attack at French manufacturer of sailing and motor boats
The boat builder Bénéteau is based in Saint-Gilles-Croix-de-Vie on the French Atlantic coast.
https://presse.beneteau-group.com/actual...
14 February 2021
Ransomware at US restaurant chain
Carisch, Inc., Wayzata, Minnesota, USA
https://media.dojmt.gov/wp-content/uploa...
February 2021
Data theft and extortion at US university
University of Colorado
Through a vulnerability in file transfer software.
https://www.cu.edu/accellion-cyberattack
February 2021
Ransomware at a well-known Polish computer game development studio
The development studio CD PROJEKT RED, based in Warsaw, became a victim of ransomware. Encrypted data could be restored from backups, but the perpetrators published exfiltrated data on the Internet, including source code of games.
https://www.cdprojekt.com/en/media/news/...
https://www.cdprojekt.com/en/media/news/...
1 February 2021
Unauthorized data access at Illinois fertility clinics
Fertility Centers of Illinois (FCI), Glenview, Illinois, USA
Potentially 80,000 patient records are affected
https://ocrportal.hhs.gov/ocr/breach/bre...
 
January 2021
Aalborg Teater Facebook page flooded with phishing links
Aalborg Teater, Aalborg, Denmark
During a web-broadcast premiere in the Aalborg theater, the Facebook page generated 1,800 comments with links to fake pages where payment information was to be entered.
https://www.tv2nord.dk/aalborg/cyberkrim...
January 2021
Data breach at U.S. health insurer in Arkansas
A vulnerability in Accellion file transfer software resulted in a data theft at Arkansas Health & Wellness.
https://www.arhealthwellness.com/privacy...
January 2021
Cyber attack on a hospital in Belgium
CHwapi: Centre Hospitalier de Wallonie picarde, Tournai, Belgium
The CHwapi (Centre Hospitalier de Wallonie picarde) in the city of Tournai was the victim of a cyber attack.
https://www.lavenir.net/cnt/dmf20210118_...
January 2021
Ransomware at Angers City Council
Angers, France
The administration of Angers, a city located in the west of France, has been hit by ransomware. 200 of the city's 3000 computers are believed to be infected. As a first response, 50 emergency workstations have been set up.
15 January 2021
Data theft at Australian financial regulatory authority
Australian Securities and Investments Commission (ASIC), Sydney, Australia
Through a vulnerability in file transfer software.
https://www.zdnet.com/article/asic-repor...
09 January 2021
Hacker attack on Clearfield County administration
Clearfield County is located in Pennsylvania, in the northeastern United States.
https://gantnews.com/2021/01/12/clearfie...

Image sources

Background image of the animation: A Winkel Tripel projection of a Visible Earth image collected by the Earth Observatory experiment of the U.S. Government's NASA space agency. The reticle is 15 degrees in latitude and longitude. NASA, via Wikimedia Commons. Public Domain

About KonBriefing.com

KonBriefing.com is an independent researcher and analyst in the field of IT security, information security, risk management and compliance. The company was founded in 2019 and is based in Germany.

About the author

Bert Kondruss is senior analyst and founder of KonBriefing.com