Litany Of The Hacked: January 2026 Wrap-Up

The groundhog has emerged to find...6 MORE WEEKS OF HACKS AND CYBERATTACKS!

Wait, only 6??!!

The litany of the hacked is our listing for each known/reported hack in the previous month. The point of the litany is not shame but awareness-raising that, well, these sorts of things happen.

And so, the litany of the hacked for January 2026, which now includes some big-time targets, entire cities, and nation-state actors. Amazing that the groundhog even tries to guesstimate!

Caracas, VZ...Islamic Republic of Iran Broadcasting (IRIB)...Kensington and Chelsea Council, UK...Instagram...Google Play...Palo Alto Networks...Sedgwick Government Solutions...KPMG Netherlands...Crunchbase...Nike...Poland's power grid...Fortinet...McDonald’s India...Luxshare Precision...Ingram Micro...Spokane County, WA...Gmail (AGAIN!)...The College Board's online SAT...

The list goes on.

Here's an...exciting...bonus: according to James Azar over at the Cyber Hub podcast, malicious Chrome and Edge browser "productivity" extensions are stealing ChatGPT tokens. Lesson: please review the entire IT access ecosystem BEFORE you plug AI into your operations.

And "ecosystem" includes using Microsoft Copilot within your Office suite as well as physical peripherals such as earbuds. Not saying you should not use these tools. We're saying that you should not make the mistake of thinking that they are secure because they're there. 

A report from Check Point estimated that "Ransomware up 60% as Gen AI Data Risk Soars." To operationalize this, the report further stated that "The December 2025 Global Cyber Attack Statistics from Check Point reveals that, on average, organisations were attacked 2,027 times per week – up 9% compared to December 2024."

2,027 times a week is about 290 times a day. (No word whether that includes the 2.46 million attacks a day on Taiwan's infrastructure but we'll go with no it does not.) Remember, that's 290 reported cyberattacks a day over all reporting institutions; so, even if you're not experiencing 290 attacks a day there are gangs initiating around 290 cyberattacks a day. Cybersecurity organizations should calibrate their staffing v. AI system balances accordingly.

Whatever happens, the role of AI in cybersecurity will become increasingly important and will need to continue to evolve. Practitioners will need to think more broadly regarding systems -- move beyond CPUs and servers to the systems that your cyber-infrastructure interacts with. And please update your security software.

Don't try to wait out the next attacks, they are coming to you sooner than the next groundhog day. Ask us how you can reduce your chances of joining the litany.

(photo credit: Cephas, CC BY-SA 4.0 <https://creativecommons.org/licenses/by-sa/4.0>, via Wikimedia Commons)