Below is a summary of incidents from over the last year. For the full list, click the download link above.
July 2021. A data leak impacted Northern Ireland’s COVIDCert online vaccination certification service, causing their Department of Health to temporarily suspend the portal.
July 2021. Estonia stated a Tallinn-based hacker downloaded 286,438 ID photos from government database, exposing a vulnerability in a platform managed by their Information System Authority (RIA).
July 2021. A widespread APT operation was discovered against users in Southeast Asia, believed to be spearheaded by Chinese entities. Researchers found a total of 100 victims in Myanmar and 1,400 in the Philippines, including many government entities.
July 2021. The Japan 2020 Olympics was subject to data breach exposing the personal credentials of volunteers and ticket holders. The information included usernames, passwords, addresses, and bank account numbers.
July 2021. The United States, the European Union, NATO and other world powers released joint statements condemning the Chinese government for a series of malicious cyber activities. They attributed responsibility to China for the Microsoft Exchange hack from early 2021 and the compromise of more than 100,000 servers worldwide.
July 2021. Transnet Port Terminals (TPT), South Africa’s state-run ports operator and freight rail monopoly, had its rail services disrupted after a hack by unknown actors. Transnet reportedly declared it an act “force majeure.”
July 2021. Several countries used Pegasus, surveillance software created by NSO Group that targets iPhone and Android operating systems, on devices belonging to activists, politicians, and journalists.
July 2021. The FBI and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a statement exposing a spearfishing campaign by Chinese state-sponsored hackers between 2011 and 2013. The campaign targeted oil and natural gas pipeline companies in the United States.
July 2021. Iran used Facebook accounts to pose as recruiters, journalists, and NGO affiliates, targeting U.S. military personnel. The hackers sent malware-infected files or tricked targets into submitting sensitive credentials to phishing sites.
July 2021. The Russian defense ministry claimed it was hit with a DDoS attack that caused its website to shut down, stating the attack came from outside the Russian Federation.
July 2021. Norway attributed a March 2021 cyberattack on parliament’s e-mail system to China.
July 2021. Iran’s transport and urbanization ministry was the victim of a cyber attack that impacted display boards at stations throughout the country. The attack caused delays and cancellations of hundreds of trains across Iran.
July 2021. Russian hackers exploited a vulnerability in Kaseya’s virtual systems/server administrator (VSA) software allowing them to deploy a ransomware attack on the network. The hack affected around 1,500 small and midsized businesses, with attackers asking for $70 million in payment.
July 2021. The Ukranian Ministry of Defense claimed its naval forces’ website was targeted by Russian hackers who published fake reports about the international Sea Breeze-2021 military drills.