An overview of recent large scale attacks / black swan events in the news from 2018 untill recent:


Ransomware attack on Garmin thought to be the work of 'Evil Corp'

The hack is thought to be just the latest in a long string of attacks on American companies that have earned the cybercriminals’ alleged leader, Maksim Viktorovich Yakubets, 33, a $5m bounty on his head from the FBI. The Guardian


Tech unicorn Dave admits to security breach impacting 7.5 million users

As the result of a breach at Waydev, one of Dave's former third party service providers, a malicious party recently gained unauthorized access to certain user data at Dave. ZDnet


ATM Jackpotting heist hits Argenta

The digital burglars targeted a certain type of ATMs. For security reasons, Argenta has decided to temporarily disable all ATMs of that type. De Tijd / [English]


South Africa's Post Office, has lost more than $3.2 million from fraudulent transactions

The master key is a 36-digit code that allows its holder to decrypt the bank's operations and even modify banking systems. The rogue employees gained access ato ccounts and make more than 25,000 fraudulent transactions. ZDnet


Brazil’s financial sector has a new foe

An insidious Android application is trying to steal users’ login credentials, and their money, by impersonating Brazilian banks. The malicious code is designed to steal the text messages that people use as a secondary security measure to log into their bank accounts. Cyberscoop / IBM


The European Systemic Risk Board (ESRB) warns cyber threats pose systemic risk

"a perceived irrecoverable destruction, alteration or encryption of account balances of one or several financial institutions could constitute a sufficiently severe shock to the financial system." Finextra


Boots Advantage Card hit by cyber attack

The high street chain said the issue affected less than 1% of the company’s 14.4 million active loyalty card users – around 150,000 people. The attack on Boots cards comes two days after a similar security breach with Tesco Clubcards. Metro


The US has charged four military officers over the huge cyber-attack on credit rating giant Equifax.

Equifax was forced to pay a $700m (£541m) settlement to the Federal Trade Commission. At least $300m of the settlement went towards paying for identity theft services and other related expenses run up by the victims. BBC


A cyberattack on a major US financial institution would affect more than a third of bank assets

In one of the more severe scenarios, in which banks hoard liquidity in response to the attack, foregone payments could amount to up to 2.7 times US gross domestic product. Even a cyber attack on banks with less than $10 billion in assets would "impair a significant amount of the system." Business Insider


Major breach found in biometrics system used by banks

The fingerprints of over 1 million people, as well as facial recognition information, unencrypted usernames and passwords, and personal information of employees... TheGuardian


7-Eleven shut down its payment app after hackers stole $500,000 from users

On Thursday, 7-Eleven Japan suspended a recently-launched mobile payments feature on its 7Pay app after a flaw allowed a third party to make bogus charges on hundreds of customer accounts. The Verge


Australians at risk of fraud as hackers attack Westpac's platform

"Experts say that with access to these details, fraud could be committed on a mass scale." Sydney Morning Herald


Chilean banks hit by Redbanc cyber attack

Redbanc confirmed that he suffered a new cyber attack that affects 41,593 credit and debit cards from 13 banking and non-banking institutions. Cooperativa


Losses from bank transfer scams 'spiralling out of control'

Around £354 million has been lost in the last year alone - most of it stolen from personal accounts. Evening Standard


GozNym cyber-crime gang which stole millions busted

"What is known as 'crime as a service' has been a growing feature in recent years, allowing organised crime gangs to switch from their traditional haunts of drugs to much more lucrative cyber-crime." BBC News


Amazon hit by 'extensive fraud'

Filings have revealed that Amazon suffered a fraud attack with hackers stealing funds for over six months in 2018. The 'extensive' fraud involved hackers breaking into roughly 100 merchant accounts and siphoning cash from loans or sales into their own accounts. Daily Mail


Top Wall Street CEOs keep saying their No. 1 fear is a cyberattack that'll take down the financial system

"The next crisis is going to come from a different place," Hunt said. Business Insider



a smaller series of attacks allowed hackers to siphon off 300 to 400 million pesos, or roughly $15 to $20 million from Mexican banks. Here's how they did it. WIRED


Bank of Valletta goes dark

Bank of Valletta shut down all its operations on Wednesday morning. All of the bank’s functions - branches, ATMs, mobile banking and even email services - were suspended and its website taken offline. Times of Malta


Metro Bank hit by cyber attack used to empty customer accounts

Metro Bank has become the first major bank to be named as a victim of a new type of cyber attack targeting the codes sent via text messages to customers to verify transactions. The Telegraph


BankIslami lost $6m within 23 minutes in cyber attack

Foreign-based hackers had breached the security systems of several domestic banks and added that “large sums of money have been taken out from bank accounts”. Data of more than 8000 accounts of 10 banks were available for sale in dark web. Pakistan Today


Tesco Bank fined £16.4m over cyber attack

An investigation by the FCA found flaws had left account holders vulnerable and the bank's response was "too little, too late".

It is the first time the FCA has issued a fine for a cyber-related incident. Tesco Bank said that since the incident it had "significantly enhanced" security measures. Sky News


How a Cyber Attack Could Cause the Next Financial Crisis

But the next crisis might not come from a financial shock at all. The more likely culprit: a cyber attack that causes disruptions to financial services, especially payments systems, around the world. Harvard Business Review


Cosmos Bank loses US$13.5m in cyber attack

Cyber criminals hacked the systems of India’s Cosmos Bank and siphoned off nearly 944 million rupees (US$13.5 million, RM55.1 million) through simultaneous withdrawals across 28 countries over the weekend, the bank has told police. Malay Mail



The criminal operation has struck banks in more than 40 countries and has resulted in cumulative losses of over EUR 1 billion for the financial industry. The magnitude of the losses is significant: the Cobalt malware alone allowed criminals to steal up to EUR 10 million per heist. Europol


City Union Bank CEO says suffered cyber hack via SWIFT system

The comments come after the small private lender on Saturday had disclosed it had discovered the three “fraudulent remittances”, which were sent via correspondent banks to accounts in Dubai, Turkey and China. Reuters

About the Timeline

The timeline is based on data compiled by new outlets and gathered by Belleron, with disclosure of source. Incidents that occurred after 2018 are based on data found in the media and on a monthly basis and are subsequently added to the timeline.

With respect to associating a specific date with an incident, which may be part of a larger financial attack, the dates for each event are either using the starting date/month of the incident, if known, or when the incident was first reported. For further questions about the method, please contact the team here. Belleron is not responsible for any of the content provided or relayed via this timeline.