The Map is Being Updated with Attacks

Explore the Halcyon Attacks Lookout

The Halcyon Attacks Lookout (or ‘HAL’ for short) is a recent ransomware attacks watchtower, built to provide tracking of attacks, groups and their victims. Given threat actors' overarching, lucrative success from ransomware attacks, they’ve become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

Recent Attack News

Visit All Attack News
NEW
December 3, 2024

Ransomware and Data Exfiltration Attacks Put Energy Sector at Risk

Exfiltrated data could enable further ransomware campaigns as well as targeted attacks designed to cripple the US energy sector and destabilize the entire nation...

Read More
NEW
December 2, 2024

Major Costa Rican Energy Provider Hit with Ransomware Attack

The attacks on Costa Rica's energy sector may serve as practice runs for more significant attacks against critical infrastructure in countries like the United States...

Read More
NEW
November 27, 2024

Ransomware on the Move: BlackSuit, Everest, Akira, Meow

Halcyon publishes a quarterly RaaS and data extortion group reference guide, Power Rankings: Ransomware Malicious Quartile. Here's the #ransomware gangs on the move last week: BlackSuit, Everest, Meow, Akira...

Read More
NEW
November 27, 2024

Black Basta Leveraging Microsoft Teams for Social Engineering

Black Basta has shifted tactics from email-based phishing to impersonating IT help desk staff on Microsoft Teams for initial infection...

Read More
NEW
November 26, 2024

Emerging Threat Actor: Helldown Ransomware

In addition to ransomware operations, Helldown operates as a data broker, trafficking stolen data on its dark web portal...

Read More
NEW
November 26, 2024

Suspected Ransomware Attack Forces UK Hospital to Send Patients Home

Medical histories, diagnoses, and treatment plans are being leveraged to extort not only hospitals but also individual patients, compounding the harm inflicted by these attacks...

Read More

Explore the Ransomware Attacks Database

Dive into each Attack to read the full incident details. View Attacks by Group, Industry, and Country, using filters.

Attacks by Industry
Attacks by Groups
Attacks by Locations
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Tag
Showing 0 of 100
Business ServicesBusiness ServicesBusiness ServicesBusiness Services
Efisales Targeted by Kill Security in Ransomware Breach
Read more
Efisales Targeted by Kill Security in Ransomware Breach
Read More
Date
November 24, 2024
Ransomware group
Killsec
Location

Nairobi,

Nairobi, Kenya

Kenya
Industry
Business Services
Victim
Efisales
Consumer ServicesConsumer ServicesConsumer ServicesConsumer Services
Eassylife Faces Ransomware Threat from Kill Security
Read more
Eassylife Faces Ransomware Threat from Kill Security
Read More
Date
November 24, 2024
Ransomware group
Killsec
Location

Mumbai,

Mumbai, India

India
Industry
Consumer Services
Victim
Eassy Life
SoftwareSoftwareSoftwareSoftware
SASS Datentechnik Faces Ransomware Attack by INC Ransom Group
Read more
SASS Datentechnik Faces Ransomware Attack by INC Ransom Group
Read More
Date
November 24, 2024
Ransomware group
Inc Ransom
Location

Gilching,

Gilching, Germany

Germany
Industry
Software
Victim
SASS AG
GovernmentGovernmentGovernmentGovernment
Cullman County Commission Hit by BlackSuit Ransomware Attack
Read more
Cullman County Commission Hit by BlackSuit Ransomware Attack
Read More
Date
November 24, 2024
Ransomware group
Black Suit
Location

Cullman, Alabama

Cullman, USA

USA
Industry
Government
Victim
Cullman County Commission
Real EstateReal EstateReal EstateReal Estate
Pastor Real Estate Faces Ransomware Threat from INC Ransom
Read more
Pastor Real Estate Faces Ransomware Threat from INC Ransom
Read More
Date
November 24, 2024
Ransomware group
Inc Ransom
Location

London,

London, United Kingdom

United Kingdom
Industry
Real Estate
Victim
Pastor Real Estate
Healthcare ServicesHealthcare ServicesHealthcare ServicesHealthcare Services
Concord Orthopaedics Faces Everest Ransomware Threat
Read more
Concord Orthopaedics Faces Everest Ransomware Threat
Read More
Date
November 24, 2024
Ransomware group
Everest
Location

Concord, New Hampshire

Concord, USA

USA
Industry
Healthcare Services
Victim
Concord Orthopaedics
Law Firms & Legal ServicesLaw Firms & Legal ServicesLaw Firms & Legal ServicesLaw Firms & Legal Services
Nationwide Legal LLC Faces Ransomware Threat from Kill Security
Read more
Nationwide Legal LLC Faces Ransomware Threat from Kill Security
Read More
Date
November 24, 2024
Ransomware group
Killsec
Location

Los Angeles, California

Los Angeles, USA

USA
Industry
Law Firms & Legal Services
Victim
Nationwide Legal
Consumer ServicesConsumer ServicesConsumer ServicesConsumer Services
STIIIZY Faces Data Breach by Everest Ransomware Group
Read more
STIIIZY Faces Data Breach by Everest Ransomware Group
Read More
Date
November 24, 2024
Ransomware group
Everest
Location

Los Angeles, California

Los Angeles, USA

USA
Industry
Consumer Services
Victim
STIIIZY
TelecommunicationsTelecommunicationsTelecommunicationsTelecommunications
SFR Faces Data Threat from APT73/BASHE Ransomware Group
Read more
SFR Faces Data Threat from APT73/BASHE Ransomware Group
Read More
Date
November 23, 2024
Ransomware group
APT73
Location

Courbevoie,

Courbevoie, France

France
Industry
Telecommunications
Victim
SFR
SoftwareSoftwareSoftwareSoftware
RAO d.o.o. Faces Ransomware Threat from APT73/BASHE Group
Read more
RAO d.o.o. Faces Ransomware Threat from APT73/BASHE Group
Read More
Date
November 23, 2024
Ransomware group
APT73
Location

Zagreb,

Zagreb, Croatia

Croatia
Industry
Software
Victim
RAO d.o.o.
GovernmentGovernmentGovernmentGovernment
APT73/BASHE Ransomware Hits Punjab Local Government Department
Read more
APT73/BASHE Ransomware Hits Punjab Local Government Department
Read More
Date
November 23, 2024
Ransomware group
APT73
Location

Chandigarh,

Chandigarh, India

India
Industry
Government
Victim
Local Government Department, Punjab
Business ServicesBusiness ServicesBusiness ServicesBusiness Services
Protecta Security Breached by APT73/BASHE Group in Ransomware Attack
Read more
Protecta Security Breached by APT73/BASHE Group in Ransomware Attack
Read More
Date
November 23, 2024
Ransomware group
APT73
Location

Surquillo,

Surquillo, Peru

Peru
Industry
Business Services
Victim
Protecta Security
Energy, Utilities & WasteEnergy, Utilities & WasteEnergy, Utilities & WasteEnergy, Utilities & Waste
Gulf Energy Maritime Faces Ransomware Threat from RA World
Read more
Gulf Energy Maritime Faces Ransomware Threat from RA World
Read More
Date
November 23, 2024
Ransomware group
Ra World
Location

Dubai,

Dubai, United Arab Emirates

United Arab Emirates
Industry
Energy, Utilities & Waste
Victim
Gulf Energy Maritime
Energy, Utilities & WasteEnergy, Utilities & WasteEnergy, Utilities & WasteEnergy, Utilities & Waste
Aeris Energy Data Breach by Hunters International Ransomware
Read more
Aeris Energy Data Breach by Hunters International Ransomware
Read More
Date
November 23, 2024
Ransomware group
Hunters International
Location

Fortaleza,

Fortaleza, Brazil

Brazil
Industry
Energy, Utilities & Waste
Victim
Aeris Energy
Law Firms & Legal ServicesLaw Firms & Legal ServicesLaw Firms & Legal ServicesLaw Firms & Legal Services
Jones Mayer Faces Ransomware Attack by Hunters International
Read more
Jones Mayer Faces Ransomware Attack by Hunters International
Read More
Date
November 23, 2024
Ransomware group
Hunters International
Location

Fullerton, California

Fullerton, USA

USA
Industry
Law Firms & Legal Services
Victim
Jones & Mayer
Energy, Utilities & WasteEnergy, Utilities & WasteEnergy, Utilities & WasteEnergy, Utilities & Waste
Schuck Group GmbH Faces Ransomware Threat from INC Ransom
Read more
Schuck Group GmbH Faces Ransomware Threat from INC Ransom
Read More
Date
November 23, 2024
Ransomware group
Inc Ransom
Location

Elsenfeld,

Elsenfeld, Germany

Germany
Industry
Energy, Utilities & Waste
Victim
Schuck Group GmbH
AgricultureAgricultureAgricultureAgriculture
Avicole Plus Breached by INC Ransom in Ransomware Attack
Read more
Avicole Plus Breached by INC Ransom in Ransomware Attack
Read More
Date
November 23, 2024
Ransomware group
Inc Ransom
Location

Victoriaville,

Victoriaville, Canada

Canada
Industry
Agriculture
Victim
Service Avicole JGL
ManufacturingManufacturingManufacturingManufacturing
IPE Engwicht GmbH Faces Ransomware Attack by INC Ransom Group
Read more
IPE Engwicht GmbH Faces Ransomware Attack by INC Ransom Group
Read More
Date
November 23, 2024
Ransomware group
Inc Ransom
Location

Nordhausen,

Nordhausen, Germany

Germany
Industry
Manufacturing
Victim
IPE Engwicht
ManufacturingManufacturingManufacturingManufacturing
Darlington EMS Faces Ransomware Threat from INC Ransom Group
Read more
Darlington EMS Faces Ransomware Threat from INC Ransom Group
Read More
Date
November 23, 2024
Ransomware group
Inc Ransom
Location

Stockport,

Stockport, United Kingdom

United Kingdom
Industry
Manufacturing
Victim
Darlington EMS
ConstructionConstructionConstructionConstruction
Vogue Homes Targeted by KillSec in Major Ransomware Breach
Read more
Vogue Homes Targeted by KillSec in Major Ransomware Breach
Read More
Date
November 23, 2024
Ransomware group
Killsec
Location

Dubai,

Dubai, United Arab Emirates

United Arab Emirates
Industry
Construction
Victim
Vogue Homes
No results found.
There are no results with this criteria. Try changing your search.
Load More

Ready to Get Resilient Against Ransomware?

An endpoint resiliency platform is a critical part of a strong security strategy to protect your business and continuity. Setup a meeting to learn more with a Halcyon expert today.
Learn More

Request removal

To submit a takedown request, please provide a clear identification of the content in question, including the URL(s) or page title, along with a brief description of what should be removed or revised. Clarify your relationship to the content in question. State the reason for your request, such as inaccuracy, privacy violation, intellectual property infringement, or defamation, and provide any supporting evidence. Include your full name, position (if relevant), and preferred contact details.

While Halcyon will comply with valid takedown requests, please note that our reporting conforms to fair use principles, and all information is sourced from publicly available data leak aggregator websites and public news sources.

Submit your request to [insert email] with the subject line: “Takedown Request – [Content/Entity Name].”Input the contact email where you would like the request to go to.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.