Getty Images
Publicly disclosed U.S. ransomware attacks in 2023
TechTarget Editorial's ransomware database collects public disclosures, notifications and confirmed reports of attacks against U.S. organizations each month.
Ransomware attacks continue to plague the U.S., and it's often difficult to gauge just how bad the problem is.
The lack of transparency and consistent reporting for ransomware attacks has hampered visibility into the threat, making it challenging to determine how many organizations have been victimized.
Since the beginning of 2022, TechTarget Editorial's security news team has researched and tracked public disclosures and reports of attacks against organizations in the U.S. each month in a ransomware database. The database compiles data breach notification letters from various state and federal government agencies as well as publicly confirmed reports of ransomware attacks.
The ransomware targets have ranged from municipal government services, public school systems, private universities, small businesses and large enterprises across the country. Last year, nearly 300 attacks against U.S. organizations were recorded in TechTarget Editorial's 2022 ransomware database, though the number of actual attacks was almost certainly higher.
Breach notification letters submitted to various state and federal agencies are often vague and provide little detail about the nature of the security incident in question. In addition, organizations sometimes avoid disclosing or confirming whether such incidents involved ransomware, even when the attacks contain tell-tale signs.
As such there are typically several breach notifications letters each month that describe security incidents indicative of a ransomware attack. But they do not explicitly state that one took place.
TechTarget Editorial's ransomware database includes notifications that either explicitly state that ransomware was involved or includes language that indicates systems and data were encrypted by malicious actors. In the absence of direct confirmations from victim organizations, TechTarget Editorial assesses corroborating information, such as third-party reports and claims from ransomware gangs to determine if a ransomware attack likely took place.
The database does not include attacks claimed by ransomware gangs without corroborating evidence, such as leaked data or a corresponding disclosure of a cyber attack from the purported victim organization. It also omits attacks by extortion groups that do not deploy actual ransomware and only steal and exfiltrate sensitive data.
While malware-less extortion attacks are becoming more common, this database lists attacks by known ransomware gangs. Some incidents may not involve malware deployment because threat activity was detected or blocked before the payload could be delivered.
Below are the ransomware attacks TechTarget Editorial has tracked for each month in 2023. The entries include the following data for each incident:
- The name of the organization that was attacked
- When the attack was first publicly disclosed, either through a notification letter or confirmed report
- When the attack occurred
- The victim's location/headquarters
In addition, TechTarget Editorial provides a recap of each month's ransomware activity in separate articles that examine some of the more notable attacks and emerging trends.
| February 2023 | |||
| Name of the victim organization | Disclosure/report date | Attack date | Organization location |
| Regal Medical Group | 2/1/2023 | 12/2/2022 | Reseda, CA |
| Tallahassee Memorial HealthCare | 2/3/2023 | 2/2/2023 | Tallahassee, FL |
| Wayne County Police | 2/3/2023 | 2/3/2022 | Detroit, MI |
| Berkeley County Schools | 2/6/2023 | 2/3/2023 | Martinsburg, WV |
| MKS Instruments Inc. | 2/6/2023 | 2/3/2023 | Andover, MA |
| Mount Saint Mary College | 2/9/2023 | 12/20/2022 | Newburgh, NY |
| City of Oakland | 2/9/2023 | 2/8/2023 | Oakland, CA |
| City of Modesto | 2/9/2023 | 2/3/2023 | Modesto, CA |
| A10 Networks | 2/10/2023 | 1/23/2023 | San Jose, CA |
| The Donovan Company | 2/14/2023 | 12/20/2022 | Irvine, CA |
| Penhall Company | 2/15/2023 | 12/28/2022 | Irving, TX |
| Tom James Company | 2/17/2023 | 8/20/2022 | Franklin, TN |
| Dole Food Company | 2/17/2023 | 2/10/2023 | Westlake Village, CA |
| Minneapolis Public Schools | 2/21/2023 | 2/20/2023 | Minneapolis, MN |
| Lehigh Valley Health Network | 2/22/2023 | 2/6/2023 | Allentown, PA |
| Alvaria Inc. | 2/22/2023 | 11/28/2022 | Westford, MA |
| Encino Energy | 2/24/2023 | 2/2023 | Houston, TX |
| U.S. Marshals Service | 2/27/2023 | 2/17/2023 | Arlington, VA |
| Dish Network | 2/28/2023 | 2/23/2023 | Englewood, CO |
| New Enchantment Group, LLC | 2/28/2023 | 10/4/2022 | Scottsdale, AZ |
| January 2023 | |||
| Name of the victim organization | Disclosure/report date | Attack date | Organization location |
| The Housing Authority of the City of Los Angeles | 1/2/2023 | 12/31/2022 | Los Angeles, CA |
| Swansea Public School District | 1/3/2023 | 1/3/2023 | Swansea, MA |
| Maternal & Family Health Services | 1/5/2023 | 4/2/2022 | Wilkes-Barre, PA |
| Aus, Inc. | 1/6/2022 | 11/28/2022 | Mount Laurel, NJ |
| Integrity Financial Services Group, LLC | 1/6/2022 | 11/23/2022 | Portland, OR |
| San Francisco Bay Area Rapid Transit | 1/8/2023 | 1/6/2022 | San Francisco, CA |
| Lee Kennedy Co. Inc. | 1/9/2023 | 12/2/2022 | Quincy, MA |
| Des Moines Public Schools | 1/9/2023 | 1/9/2023 | Des Moines, IA |
| Calvary Albuquerque, Inc. | 1/12/2023 | 3/10/2022 | Albuquerque, NM |
| Circleville Municipal Court | 1/12/2023 | 1/1/2023 | Circleville, OH |
| Yum! Brands | 1/18/2023 | 1/13/2023 | Louisville, KY |
| Omega Morgan | 1/18/2023 | 10/28/2022 | Hillsboro, OR |
| Livingston Memorial VNA Health Corporation | 1/20/2023 | 2/19/2022 | Ventura, CA |
| Pattillo Construction Corporation | 1/23/2023 | 11/25/2022 | Atlanta, GA |
| Wawasee Community School Corporation | 1/23/2023 | 1/20/2023 | Syracuse, IN |
| Lutheran Social Services of Illinois | 1/25/2023 | 1/27/2022 | Des Plaines, IL |
| Stratford University | 1/26/2023 | 8/27/2022 | Alexandria, VA |
| St. Rose Hospital | 1/27/2023 | 11/29/2022 | Hayward, CA |
| Tucson Unified School District | 1/30/2023 | 1/28/2023 | Tucson, AZ |
| Atlantic General Hospital | 1/31/2023 | 1/30/2023 | Berlin, MD |
| Nantucket Public Schools | 1/31/2023 | 1/31/2023 | Nantucket, MA |
