2020 • May: Anonymous declared a large hack on May 28, three days after the
murder of George Floyd. An individual claiming to represent Anonymous stated that "We are Legion. We do not forgive. We do not forget. Expect us." in a now-deleted video. Anonymous addressed police brutality and said they "will be exposing [their] many crimes to the world". It was suspected that Anonymous were the cause for the downtime and public suspension of the
Minneapolis Police Department website and its parent site, the website of the
City of Minneapolis. • May: Indian national Shubham Upadhyay posed as Superintendent of Police and, using
social engineering, used a free caller identification app to call up the in-charge of the Kotwali police station, K. K. Gupta, in order to threaten him to get his phone repaired amidst the
COVID-19 lockdown. The attempt was foiled. • June: Anonymous claimed responsibility for stealing and leaking a trove of documents collectively nicknamed '
BlueLeaks'. The 269-gigabyte collection was published by a leak-focused activist group known as
Distributed Denial of Secrets. Furthermore, the collective took down
Atlanta Police Department's website via
DDoS, and defaced websites such as a
Filipino governmental webpage and that of
Brookhaven National Labs. They expressed support for
Julian Assange and press freedom, while briefly "taking a swing" against
Facebook,
Reddit and
Wikipedia for having 'engaged in shady practices behind our prying eyes'. In the case of Reddit, they posted a link to a court document describing the possible involvement of a moderator of a large traffic subreddit (/r/news) in an online harassment-related case. • June: The
Buffalo, NY police department's website was supposedly hacked by Anonymous. While the website was up and running after a few minutes, Anonymous tweeted again on Twitter urging that it be taken down. A few minutes later, the Buffalo NY website was brought down again. They also hacked
Chicago police radios to play
N.W.A's "
Fuck tha Police". • June: Over 1,000 accounts on multiplayer online game
Roblox were hacked to display that they supported U.S. President
Donald Trump. • July: The
2020 Twitter bitcoin scam occurred. • July: User credentials of writing website
Wattpad were stolen and leaked on a hacker forum. The database contained over 200 million records. • August:
Indian hackers hacked
Pakistani television channel '
Dawn News' and displayed India's national flag with the message “Happy Independence Day” (referring to
15 August, Independence Day of India) written on it, at around 3:30 pm
IST. Dawn News issued a statement saying they are investigating the matter. • August: A large number of
subreddits were hacked to post materials endorsing
Donald Trump. The affected subreddits included r/BlackPeopleTwitter, r/3amJokes, r/NFL, r/PhotoshopBattles. An entity with the name of "calvin goh and Melvern" had purportedly claimed responsibility for the massive defacement, and also made violent threats against a
Chinese embassy. • August: The US Air Force's Hack-A-Sat event was hosted at DEF CON's virtual conference where groups such as Poland Can Into Space, FluxRepeatRocket, AddVulcan, Samurai, Solar Wine, PFS, 15 Fitty Tree, and 1064CBread competed in order to control a satellite in space. The Poland Can Into Space team stood out for having successfully manipulated a satellite to take a picture of the
Moon. • August: The website of Belarusian company "BrestTorgTeknika" was defaced by a hacker nicknaming herself "
Queen Elsa", in order to support the
2020–21 Belarusian protests. In it, the page hacker exclaimed "Get Iced Iced already" and "Free Belarus, revolution of our times" with the latter alluding to the famous slogan used by
2019 Hong Kong protests. The results of the hack were then announced on Reddit's /r/Belarus subreddit by a poster under the username "Socookre". • August: Multiple DDoS attacks forced
New Zealand's stock market to temporarily shut down. • September: The first suspected death from a cyberattack was reported after cybercriminals hit a hospital in
Düsseldorf,
Germany, with
ransomware. • October: A wave of
botnet-coordinated
ransomware attacks against hospital infrastructure occurred in the United States, identified as . State security officials and American corporate security officers were concerned that these attacks might be a prelude to
hacking of election infrastructure during the
elections of the subsequent month, like similar incidents during the
2016 United States elections and
other attacks; there was, however, no evidence that they performed attacks on election infrastructure in 2020. • December: A
supply chain attack targeting upstream dependencies from Texas IT service provider "SolarWinds" results in serious, wide-ranging security breaches at the
U.S. Treasury and
Commerce departments. White House officials did not immediately publicly identify a culprit;
Reuters, citing sources "familiar with the investigation", pointed toward the Russian government. An official statement shared by Senate Finance Committee ranking member,
Ron Wyden said: "Hackers broke into systems in the Departmental Offices division of Treasury, home to the department’s highest-ranking officials." • December: A bomb threat posted from a
Twitter account that was seemingly hacked by persons with the aliases of "Omnipotent" and "choonkeat", against the
Aeroflot Flight 102, a passenger flight with the plane tail number of VQ-BIL coming from
Moscow to
New York City. Due to that, a runway of New York's
John F. Kennedy International Airport was temporarily closed and resulted in the delay of Aeroflot Flight 103, a return flight back to Moscow. • December: The
Anonymous group initiated 'Christmas gift' defacements against multiple Russian portals including a municipal website in
Tomsk and that of a regional football club. Inside the defacements, they made multiple references such as Russian opposition activist
Alexei Navalny, freedom protests in
Thailand and
Belarus, and opposition to the
Chinese Communist Party. They also held a mock award based on an event on the game platform
Roblox that was called "RB Battles" where YouTubers Tanqr and KreekCraft, the winner and the runner up of the actual game event, were compared to both Taiwan and
New Zealand respectively due to the latter's reportedly stellar performance in fighting the
COVID-19 pandemic.
2021 • January:
Microsoft Exchange Server data breach • February: Anonymous announced cyber-attacks of at least five
Malaysian websites. As a result, eleven individuals were nabbed as suspects. • February: The group "Myanmar Hackers" attacked several websites belonging to
Myanmar government agencies such as the
Central Bank of Myanmar and the military-run
Tatmadaw True News Information Team. The group also targeted the Directorate of Investment and Company Administration, Trade Department, Customs Department, Ministry of Commerce, Myawady TV and state-owned broadcaster Myanmar Radio and Television and some private media outlets. A computer technician in Yangon found that the hacks were denial-of-service attacks, while the group's motive is to protest the
2021 Myanmar coup. • March: Cyber insurer
CNA Financial, one of the largest insurance companies based in the US, was attacked with ransomware, causing the company to lose control over its network. The company paid $40 million to regain network control. CNA had, at first, ignored the hackers, attempting to solve the problem independently; remaining locked out, however, CNA paid the ransom within a week. CNA's investigation reported that
cyberattack group Phoenix had used Phoenix Locker malware, a variant of the Hades ransomware used by Russian criminal hacking group
Evil Corp. Phoenix Locker malware encrypted 15,000 devices on the network, as well as the computers of employees working remotely while logged into the company's VPN during the attack. • April: The
Ivanti Pulse Connect Secure data breach of unauthorized access to the networks of high-value targets since at least June 2020 via across the U.S. and some E.U. nations due to their use of
vulnerable,
proprietary software was reported. • May: Operation of the U.S.
Colonial Pipeline is interrupted by a
ransomware cyber operation. • May: On 21 May 2021
Air India was subjected to a
cyberattack wherein the personal details of about 4.5 million customers around the world were compromised including passport, credit card details, birth dates, name and ticket information. • July: On 22 July 2021
Saudi Aramco data were leaked by a third-party contractor and demanded $50 million ransom from Saudi Aramco. Saudi Aramco confirmed the incident after a hacker claimed on dark web that he had stolen 1 terabyte of data about location of oil refineries and employees data in a post that was posted on June 23. • August: T-Mobile reported that data files with information from about 40 million former or prospective T-Mobile customers, including first and last names, date of birth, SSN, and driver's license/ID information, were compromised. • September and October:
2021 Epik data breach. Anonymous obtained and released over 400gigabytes of data from the domain registrar and web hosting company
Epik. The data was shared in three releases between September 13 and October 4. The first release included domain purchase and transfer details, account credentials and logins, payment history, employee emails, and unidentified private keys. The hackers claimed they had obtained "a decade's worth of data", including all customer data and records for all domains ever hosted or registered through the company, and which included poorly encrypted passwords and other sensitive data stored in
plaintext. The second release consisted of bootable disk images and API keys for third-party services used by Epik; the third contained additional disk images and an archive of data belonging to the
Republican Party of Texas, who are an Epik customer. • October: On October 6, 2021, an anonymous 4chan user reportedly hacked and leaked the source code of
Twitch, as well as information on how much the streaming service paid almost 2.4 million streamers since August 2019. Source code from almost 6,000 GitHub repositories was leaked, and the 4chan user said it was "part one" of a much larger release. • November and December: On November 24, Chen Zhaojun of Alibaba's Cloud Security Team reported a
zero-day vulnerability (later dubbed
Log4Shell) involving the use of
arbitrary code execution in the ubiquitous
Java logging framework software
Log4j. The report was privately disclosed to project developers of
Log4j, a team at
The Apache Software Foundation, on November 24. On December 8, Zhaojun contacted the developers again detailing how the vulnerability was being discussed in public security chat rooms, was already known by some security researchers, and pleaded that the team expedite the solution to the vulnerability in the official release version of
Log4j. Due to the ubiquity of devices with the
Log4j software (hundreds of millions) and the simplicity in executing the vulnerability, it is considered to be arguably one of the largest and most critical vulnerabilities ever. Yet, big names in security hacking helped in regaining control over server, like
Graham Ivan Clark, and Elhamy A. Elsebaey. A portion of the vulnerability was fixed in a patch distributed on December 6, three days before the vulnerability was publicly disclosed on December 9.
2022 • February: The German
Chaos Computer Club has reported more than fifty data leaks. Government institutions and companies from various business sectors were affected. In total, the researchers had access to over 6.4 million personal data records as well as terabytes of log data and source code. • March: As a response to the
Russian invasion of Ukraine,
Anonymous performed many attacks against computer systems in
Russia. Most notably, Anonymous committed a cyberattack against
Roskomnadzor. • March: On 23 March 2022, hackers compromised the Ronin Network, stealing approximately US$620 million in
Ether and
USDC. A total of 173,600 Ether and 25.5 million USDC tokens were stolen in two transactions. It took the company six days to notice the hack. It further damaged the value of SLP. On 8 April 2022, Sky Mavis said it expected it would be able to recover some of the funds, but it would take several years. The company raised additional venture capital and reimbursed all users affected in the hack. On 14 April 2022, the
FBI issued a statement that the
Lazarus Group and APT38, which are
North Korean state-sponsored hacker groups, were responsible for the theft. Accordingly, the US Treasury has
sanctioned the cryptocurrency address. Some of the cryptocurrency has been laundered through a
cryptocurrency tumbler known as "
Tornado Cash". • April: Anonymous hacked Russian companies Aerogas, Forest, and Petrovsky Fort. From there they leaked around 437,500 emails which they donated to non-profit whistleblower organization
Distributed Denial of Secrets. Furthermore, they leaked 446 GB of data from
Russian Ministry of Culture. • April: On April 19, Gijón City Council (Spain) was attacked by the GERVASIA computer virus and suffered data hijacking. • May: Network Battalion 65 (NB65), a hacktivist group affiliated with Anonymous, has reportedly hacked Russian payment processor
Qiwi. A total of 10.5
terabytes of data including transaction records and customers' credit cards had been exfiltrated. They further infected Qiwi with
ransomwares and threatened to release more customer records. • May: During the
Victory Day in Russia, anti-war messages were inserted into Russian TV schedules including that of
Russia-1, Channel 1, and
NTV-Plus. One of the messages were "On your hands is the blood of thousands of Ukrainians and their hundreds of murdered children. TV and the authorities are lying. No to war." • June: A hacker on the Breach Forums claimed to have leaked more than 1 billion people's personal records from the
Shanghai National Police Database.
2023 • March: Amidst the
Russian invasion of Ukraine, hackers accessed Russian TV and radio stations to broadcast false warning messages about an impending
nuclear attack. • October: In response to
October 7 Hamas-led attack on Israel, Indian hacktivist group
Indian Cyber Force took down the websites of
Palestinian National Bank,
National Telecommunications Company and
Hamas. • November: A cyberattack on
DP World paralyzes imports and exports in Australia for several days. DP World accounts for about 40% of Australia's imports and exports, leading to a 30,000-container backlog and economic chaos; additionally, data was stolen.
2024 • January: Indian hacktivist group
Indian Cyber Force targeted
Maldives amid diplomatic tension between the two nations following derogatory comments made by three Maldives ministers on social media against Prime Minister of India,
Narendra Modi. Websites including that of Maldives'
Home Ministry, Juvenile Court, President's Office were
defaced. The
Facebook page of Auditor General's Office was also compromised. • February:
XZ Utils backdoor incident. • February: The website of Burger Singh, an
Indian food franchise, was hacked by
Pakistani hacker group "Team Insane PK". On the defaced website, the group warned Indian hackers to cease attacking Pakistani websites while uploading a YouTube video depicting the
Pakistani Air Force. • June: Russian hackers infiltrated Microsoft's systems, accessing staff and customer emails, leading to regulatory scrutiny and a Congressional hearing. Microsoft is notifying affected customers and working to enhance its security practices in response to ongoing vulnerabilities. • September: Unknown hackers access the
National Police Corps of the
Netherlands's data, resulting in a data breach.
2025 • April:
4chan was hacked by an anonymous user of "
soyjak.party", a rival
imageboard website with origins related to 4chan. Source code and user logins of those who registered with emails were reportedly acquired by the user and leaked online. Additionally, the earlier deleted /qa/ board was restored. • June: Iran's state television service
IRIB faced
broadcast signal intrusion by Israeli hackers who aired a footage of women protesting against
hijab and cutting their hair. • July:
Elmo's X account was hacked and posted antisemitic tweets, and called on President
Donald Trump to release the
Jeffrey Epstein client list, calling him a "child fucker". ==See also==