Hero Banner
World-Class Cybersecurity Training Services

Cyber Attack Timelines

Compilation of All Recent Educational Cyber-Attack Timelines for a Historical Perspective on Cyber Crime, Threat Actors & Response Strategies     



Cyber Attack Timelines

Educational Timelines That Enhance Your Understanding of Cyber Crime & Help Bolster Your Cyber Defences   


The study of past cyber-attacks through well-defined cyber-attack timelines is of paramount importance for every industry. These timelines serve as detailed chronicles of recent major cyber attacks, based on information available in the public domain. They intend to provide well-organised insights into the methods and progressions of various cyber threats.
By analysing and understanding these attacks, you can identify patterns and common vulnerabilities that were exploited. This knowledge is invaluable for strengthening your own cyber defences. Additionally, understanding the timeline of an attack – from initial breach to final resolution – aids in developing more effective cyber incident response plans and strategies. It enables you to anticipate and mitigate the impact of similar attacks in the future. Moreover, these timelines often highlight the evolving nature of cyber threats, underscoring the necessity for continuous evolution of cybersecurity measures. 
These cyber attack timelines can also prove to be an invaluable tool for rehearsing your Incident Response Plans with Cyber Tabletop Exercises. The attacks, how they unfolded and how the organisation responded to them can act as useful cybersecurity tabletop exercise scenarios. This can help refine your own cyber drill scenarios and lead to more productive and practically relevant outcomes for your organisation.  
At Cyber Management Alliance, we are committed to elevating cybersecurity awareness and an understanding of cyber threats by regularly publishing attack timelines. The idea is never to vilify or turn the spotlight on the victims. Our objective is only to present available information in an easy-to-understand format so that we can collectively learn from the experiences of others and bolster our own cybersecurity posture as a global community.   



UK MoD Cyber Attack

The UK Ministry of Defence (MoD) faced a significant cyber attack through a third-party payroll system, leading to severe repercussions. The breach exposed sensitive data of 270,000 personnel, including active service members, reservists, and veterans from all three branches of the armed forces. This incident has sparked considerable political controversy and highlighted the critical importance of third-party cybersecurity measures.
Our comprehensive timeline document offers an in-depth look into the prolonged cyber espionage campaign linked to this data breach. It includes statements from government officials, responses from critics of the current administration, and a detailed summary of events.
For a complete analysis, explore our UK MoD Cyber Attack timeline

AT&T Data Breach Timeline

AT&T experienced a massive data breach. Earlier estimates suggested that roughly 73 existing and former customers had their data compromised. The company later confirmed that the actual number was 51 million.

The interesting twist in the tale? One threat actor claimed to have leaked this data back in 2021. Know more about this massive exposure of sensitive information and service disruption in our AT&T Cyber Attack Timeline

Change Healthcare Ransomware Attack

The ransomware attack on Change Healthcare, a subsidiary of UnitedHealth Group, began on February 21, 2024, disrupting services across U.S. healthcare providers and pharmacies. Eventually, the attack became a lesson in how attacks on healthcare companies can have seriously damaging and cascading effects. It also highlighted why ransom payments are NEVER a solution.
The company is now being slammed for how it managed the crisis situation in which data of at least one-third Americans seems to have been compromised. 
We've tried to make sense of everything that has happened & is still happening in this complicated ransomware attack with this educational timeline. 

23andMe Cyber Attack Timeline

23andMe, the genomics and biotechnology giant suffered a massive data breach in 2023. The compnay suggested that threat actors had unleashed a credential stuffing attack using exposed credentials from past attacks to compromise the data of 23andMe customers.   
Later, it became apparent that the number of users whose data had apparently been compromised totaled to a whopping 6.9 million. Additionally, the kind of data that was leaked, specifically of those with Chinese and Ashkenazi Jewish heritage, gave the breach a highly politicised undertone. 

Our 23andMe Cyber Attack Timeline covers the key events of the attack as it unfolded. The timeline summary image will give you a quick and easily readable overview of what exactly happened and how 23andMe responded. Read these useful documents along with our 23andMe Cyber Attack blog to gain an in-depth perspective of one of the most talked-about cyber attacks in recent months.  

Mr. Cooper Cyber Attack Timeline

American Mortgage Lending Giant, Mr. Cooper, was hit by a cyber attack towards the end of last year. The company had to shut down IT systems including access to their online payment portal, creating quite a ruckus amongst customers who were unable to make their payments on time. In about a week, however, the company managed to bring its payment facility online. Sadly, though, it turned out that data of 14.7 million customers had been exposed in this major breach of 2023.
Our educational Mr. Cooper cyber attack timeline encapsulates what went wrong in the case of Mr. Cooper. For a quick understanding of the sequence of events, their impact and the organisational response, refer to our Mr. Cooper Attack Timeline Summary image and don't forget to check out our blog on the Mr. Cooper Cyber Attack

Barracuda Email Security Gateway Attack Timeline

Barracuda Networks disclosed a security vulnerability in its Email Security Gateway (ESG) Appliances in May 2023. Although Barracuda promptly issued a patch for this vulnerability and followed up with an additional update, numerous customers had already been impacted. But when Barracuda issued an urgent action notice advising customers with affected hardware to completely remove the vulnerable devices, the cybersecurity community was shook. 

 Our Visual, Summarised Barracuda Cyber Attack Timeline and detailed document captures exactly how this unprecedented turn of events came about. Read our blog on the Barracuda Email Security Gateway Attack for a quick understanding of what went down in the Barracuda Zero-Day Attacks. 


Royal Mail Ransomware Attack

In January 2023, Royal Mail experienced a significant cyber-attack, leading to a halt in its international shipment of parcels and letters via its post office branches. The attack, attributed to the LockBit ransomware group with ties to Russia, involved a substantial ransom demand for a decryption key to restore services.

Check out our educational, visual Royal Mail Ransomware Attack timeline and detailed document on the Royal Mail Ransomware Attack that chronologically details the progression of the cyber incident. This timeline categorizes the information into four distinct sections: the Incident itself, its Impact, the Suspected Threat Actors involved, and the Response to the event. Don't forget to read our blog on the Royal Mail Ransomware Attack

SolarWinds Cyber-Attack Timeline

The SolarWinds cyber-attack, also known as Solorigate, stands as an unparalleled event in the history of cybersecurity breaches. Its distinction as a significant cyber intrusion stems from the extensive impact it had. The attack successfully penetrated the cyber defences of the United States, affecting numerous government agencies and leading enterprises, including the esteemed cybersecurity firm FireEye, various Fortune 500 companies, think tanks, and more. The ongoing repercussions of this attack continue to be felt both within the USA and internationally, marking it as a global cybersecurity event of unmatched scale.
We have attempted to encapsulate this massive event in our summarised, visual SolarWinds Cyber Attack Timeline. There is also a detailed document for a more thorough understanding. Read our blog on the attack here: SolarWinds Cyber Attack

Travelex Cyber Attack Timeline

Before being hit by a cyber-attack on December 31, 2019, Travelex was recognized as the world's leading foreign exchange bureau. However, within a mere four months following the attack, this formidable enterprise was put up for sale. Its parent company, Finablr, faced bankruptcy. The deadly combination of a ransomware attack and the subsequent impact of COVID-19 placed the company's 40-year legacy in major jeopardy.


Find out what exactly happened in the Travelex Attack with our Visual, Easy-to-Read Travelex Cyber Attack Timeline and Detailed Timeline Document. Do check out our blog on the Travelex Cyber Attack Timeline for a quick overview of the attack. 

AIIMS Ransomware Attack

The ransomware incident at AIIMS Delhi significantly disrupted healthcare services, deeply affecting a nation where a substantial population relies heavily on public healthcare facilities. This event also amplified the urgency of addressing cybersecurity vulnerabilities in the healthcare sector.

Learn more about how this incident unfolded, what the impact was and how AIIMS and the Indian Government responded to this healthcare emergency. Check out our easy-to-read Visual Timeline, accompanying detailed document here: AIIMS Ransomware Attack Timeline

You may also want to read our blog on the AIIMS Ransomware Attack.  

AIIMS Timeline Image

Western Digital Cyber Attack Timeline

Western Digital, a leading data storage company, suffered a cyber attack in early 2023, during which it was confirmed that hackers exfiltrated 10 terabytes of data, encompassing sensitive customer details. This breach not only disrupted services for users of its My Cloud Home and Sandisk ibi products but also raised alarming concerns due to the attackers' claims of being able to impersonate Western Digital through digitally signed files.

Check out our educational, Visual Timeline on the Western Digital Cyber Attack & the accompanying detailed document. These have been constructed to methodically document the sequence of the cyber incident as it unfolded. You might also be interested in reading our blog on the Western Digital Cyber Attack

EasyJet Cyber Attack Timeline

EasyJet, a globally renowned low-cost airline, experienced a significant cyber-attack, resulting in the compromise of personal data belonging to 9 million customers. This incident subsequently led to a class-action lawsuit, joined by approximately 10,000 of its customers. The lawsuit alleges that the airline breached the UK's Data Protection Act of 2018. 
We try to explore what really happened and how the organisational response was in this EasyJet Cyber Attack Timeline and detailed document. A quick overview of the attack and the customer response is available in our EasyJet Cyber Attack blog.   

Why not book a discovery call to discuss your requirements?

Want more information on the NCSC Assured Training in Cyber Incident Planning and Response? Book a no-obligation discovery call with one of our consultants. 

Let us show you why our clients trust us and love working with us.
All trademarks, service marks, trade names, product names, service names and logos appearing on the site, or on printed or digital material are the property of their respective owners, including in Cyber Management Alliance Ltd. Any rights not expressly granted herein are reserved.

The information on this page and related pages and documents is Copyright of Cyber Management Alliance Ltd. The VCA or Virtual Cyber Assistant term, other terms, information, concepts, ideas, workflows, processes, procedures and other content that directly or indirectly supports the VCA Service are Copyright of Cyber
Management Alliance Ltd. Copyright 2022.