/Breach-Report-Collection

A collection of companies that disclose adversary TTPs after they have been breached

Breach Report Collection

  • A collection of companies that disclose adversary TTPs after they have been breached
  • Useful for analysis of intrusions launched by adversaries with measurable effects and impact
Organization Breach Date Adversary Source
Microsoft January 2024 CozyBear (RU SVR) microsoft.com (1), microsoft.com (2) / (archived)
Mandiant January 2024 CLICKSINK mandiant.com / (archived)
Nissan Australia December 2023 Akira nissan.com.au / (archived)
Cloudflare November 2023 Unknown cloudflare.com (1), cloudflare.com (2) / (archived)
Boeing November 2023 LockBit cisa.gov / (archived)
British Library October 2023 Rhysida bl.uk / (archived)
BeyondTrust October 2023 Unknown beyondtrust.com / (archived)
Okta October 2023 Unknown sec.okta.com / (archived)
BHI Energy October 2023 Akira documentcloud.org / (archived)
D-Link October 2023 "succumb" dlink.com / (archived)
Kroll August 2023 Unknown kroll.com / (archived)
Microsoft July 2023 Storm-0558 (CN MSS) microsoft.com / (archived)
JumpCloud July 2023 UNC4899 (DPRK RGB) jumpcloud.com / (archived)
Dragos May 2023 "KyivWarrior" dragos.com / (archived)
3CX March 2023 UNC4736 (DPRK RGB) mandiant.com / (archived)
Coinbase February 2023 0ktapus (suspected) coinbase.com / (archived)
Reddit February 2023 0ktapus (suspected) reddit.com / (archived)
CircleCI January 2023 Jade Sleet circleci.com / (archived)
LastPass October 2022 Unknown blog.lastpass.com / (archived)
Uber September 2022 Lapsus$ (suspected) uber.com / (archived)
Okta August 2022 0ktapus sec.okta.com / (archived)
Twilio August 2022 0ktapus twilio.com / (archived)
Cisco May 2022 Yanluowang blog.talosintelligence.com / (archived)
GitHub April 2022 Unknown github.blog / (archived)
Okta April 2022 Lapsus$ okta.com / (archived)
Microsoft March 2022 Lapsus$ microsoft.com / (archived)
Gloucester Council November 2021 Conti democracy.gloucester.gov.uk / (archived)
Kaseya July 2021 REvil helpdesk.kaseya.com / (archived)
Viasat KA-SAT February 2022 Sandworm (RU GRU) news.viasat.com / (archived)
Irish HSE May 2021 Conti hse.ie / (archived)
Microsoft February 2021 CozyBear (RU SVR) msrc.microsoft.com / archived
New Zealand Reserve Bank January 2021 FIN11 rbnz.govt.nz / (archived)
FireEye December 2020 CozyBear (RU SVR) fireeye.com / (archived)
SolarWinds December 2020 CozyBear (RU SVR) solarwinds.com / (archived)
Equinix September 2020 Netwalker datacenterdynamics.com / (archived)
CapitalOne July 2019 "ERRAT1C" (aka Paige Thompson) capitalone.com / (archived)
Avast/CCleaner September 2016 WickedPanda (CN MSS) blog.avast,com / (archived)
Kaspersky June 2015 Duqu 2.0 kaspersky.com / (archived)
RSA April 2011 CN PLA (archived)