16-31 July 2015 Cyber Attacks Timeline

The dog days are finally here, and the second timeline of July could not miss the appointment (first part here).

The most noticeable breaches of the second half of the month include the University of California Los Angeles (4.5 million records potentially compromised), Ashley Madison (the 37 million exposed users could pay a high price for their extramarital affairs), United Airlines, which fell victim to the same hackers who breached Anthem (and maybe this explains their bug bounty program) and, last but not least, the University of Connecticut School of Engineering.

Canada was still under attack from the hacktivists orbiting around the Anonymous collective, in the wake of the controversial C51 bill and of the protests following its approval, in which an alleged member of the collective was shot dead.

Scroll down the timeline for a complete view of the threat landscape for July and, as usual, remember to keep the level of attention very high. At the same time, if you want an idea of how fragile our electronic identity is inside cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014 and now 2015 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).


| ID | Date | Author | Target | Description | Attack | Target Class | Attack Class | Country | Link |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 16/07/2015 | ? | http://unicredit.ua | Cyphort Labs discovered a malware infection at the Ukrainian website of UniCredit bank: unicredit.ua. | Iframe Injection | Finance | CC | UA | http://www.cyphort.com/unicredit-compromised/ |
| 2 | 16/07/2015 | ? | GO Shop http://shop.ufgo.org/ | An anonymous hacker hacks shop.ufgo.org and dumps 1,194 usernames and clear text passwords. | Unknown | Industry: E-Commerce | CC | YU | http://siph0n.in/exploits.php?id=3931 |
| 3 | 17/07/2015 | ? | University of California Los Angeles | University of California (UCLA) Health is hit by a cyberattack that potentially exposes the data of about 4.5 million people in the region. | Targeted Attack | Education | CC | US | http://www.zdnet.com/article/ucla-health-hit-by-hack-millions-affected/ |
| 4 | 17/07/2015 | ? | PNI Digital Media, affecting: CVSphoto.com, Sams Club, Walgreens, Rite Aid, Tesco | Pharmacy chain CVS takes down its online photo center CVSphoto.com, replacing it with a message warning that customer credit card data may have been compromised. The incident comes just days after Walmart Canada, and is the consequence of the compromise of the third party hosting the website (PNI). Other affected companies include: Sams Club, Walgreens, Rite Aid and Tesco, to name a few. | Unknown | Industry: Online Services | CC | US | http://krebsonsecurity.com/2015/07/cvs-probes-card-breach-at-online-photo-unit/ |
| 5 | 17/07/2015 | Rex Mundi | AFC Kredieten | Hacker collective Rex Mundi claims to have stolen 24,000 financial records from Belgian loan company AFC Kredieten, and threatens to publish every loan applicant record in its possession if the company does not pay up a ransom. As proof that they have successfully hacked the company, Rex Mundi publishes some personal accounts and leaves a banner notification on the AFC Kredieten website. | Unknown | Finance | CC | BE | http://www.theregister.co.uk/2015/07/17/hacker_group_claims_theft_of_24000_belgian_loan_applicants_data/ |
| 6 | 17/07/2015 | Blacksmith Hacker’s Team | http://www.presidentofpakistan.gov.pk (Pakistani President Mamnoon Hussain’s website) | Pakistani President Mamnoon Hussain’s website (presidentofpakistan.gov.pk) is defaced by a group of Bangladeshi hackers called Blacksmith Hacker’s Team. Inside the same operation, 72 other Pakistani government websites are defaced as well. | Defacement | Government | CW | PK | https://www.hackread.com/pakistani-president-website-hacked/ |
| 7 | 18/07/2015 | Anonymous | http://www.rcmp-grc.gc.ca (Canadian Mounted Police) | Members of the Anonymous collective claim to have crashed the Royal Canadian Mounted Police (RCMP) website as a part of a battle to retaliate for the murder of a member in a shooting involving the Canadian Police. | DDoS | Law Enforcement | H | CA | https://www.hackread.com/anonymous-targets-canadian-police-rcmps-website/ |
| 8 | 18/07/2015 | @ElSurveillance | http://MeetMeInYourCity.com | @ElSurveillance starts his personal battle against websites that promote escorts, defacing MeetMeInYourCity.com and leaking 2500 usernames and clear text passwords. | SQLi | Escort | H | US | http://www.databreaches.net/meetmeinyourcity-user-email-addresses-and-passwords-dumped/ |
| 9 | 19/07/2015 | The Impact Team | Ashley Madison http://www.AshleyMadison.com | Ashley Madison, an online dating website that specifically targets people looking to have an affair, is hacked by a group that calls itself Impact Team. The authors of the attack threaten to release the entire database of 37 million users. | Unknown | Online Dating | CC | CA | http://arstechnica.com/security/2015/07/ashley-madison-an-dating-website-for-cheaters-gets-hacked/ |
| 10 | 19/07/2015 | @ElSurveillance | http://www.captain69.co.uk/ | @ElSurveillance continues his battle against websites that promote escorts. This time the target is captain69.co.uk and the leaked records are about 2600. | SQLi | Escort | H | UK | http://www.databreaches.net/another-escort-service-related-site-hacked-with-data-dumped/ |
| 11 | 20/07/2015 | @ElSurveillance | http://ohcecilia.com, http://seductivealchemy.com, http://sofiadelterra.com, http://taliaamour.com, http://tabithalayne.com, http://tawnybrie.com | Other escort services end up under the unwelcome attention of @ElSurveillance and are defaced. | Defacement | Escort | H | >1 | http://www.databreaches.net/more-escort-related-services-hacked/ |
| 12 | 21/07/2015 | FireHack | http://furydown.com/ | A hacker dubbed FireHack dumps furydown.com (a DDoS tool) and dumps 3000 usernames and hashed passwords. | SQLi | DDoS Tool | CC | N/A | http://pastebin.com/icXAEUpD |
| 13 | 22/07/2015 | Anonymous | Public Service Labour Relations and Employment Board http://pslreb-crtefp.gc.ca | Hackers from the Anonymous collective break into the network of the tribunal that adjudicates disputes between public servants and the federal government and dump 3856 records. | SQLi | Government | H | CA | http://www.orangeville.com/news-story/5753454-federal-tribunal-targeted-in-cyberattack/ http://pastebin.com/aCvD9cVn |
| 14 | 23/07/2015 | Anonymous | United States Census Bureau http://census.gov/ | Members of the online activist collective Anonymous take credit for hacking the United States Census Bureau (census.gov) and leaking the details of its 4,200 employees including names, hashed passwords, email, addresses, phone numbers and positions within the US Government. The reason for the cyber-attack is the recent Trans-Pacific Partnership (TPP) and Transatlantic Trade and Investment Partnership (TTIP). | SQLi | Government | H | US | http://www.ibtimes.co.uk/anonymous-hacks-us-census-bureau-over-ttip-agreement-leaking-employee-details-online-1512244 |
| 15 | 23/07/2015 | ? | CoinCut | UK bitcoin exchange CoinCut is investigating a possible data breach which exposed sensitive customer information including passport and card data to the public. | Unknown | Bitcoin Exchange | CC | UK | http://www.infosecurity-magazine.com/news/bitcoin-exchange-coincut/ |
| 16 | 24/07/2015 | DetoxRansome | BitDefender | A hacker called DetoxRansome hacks BitDefender and blackmails the company, demanding a ransom of $15,000 and threatening to release the stolen usernames and passwords (allegedly kept in clear) in case the ransom is not paid. | Unknown (Unspecified Vulnerability) | Industry: Software | CC | RO | http://www.forbes.com/sites/thomasbrewster/2015/07/31/bitdefender-hacked/?ss=Security |
| 17 | 24/07/2015 | ? | Healthfirst | New York-based Healthfirst notifies about 5,300 current and former members that their personal information may have been compromised in a criminal fraud scheme. | Unknown | Healthcare | CC | US | http://www.scmagazine.com/data-on-5300-healthfirst-members-caught-up-in-fraud-scheme/article/429020/ |
| 18 | 24/07/2015 | ? | http://www.scalemodeltoys.com | An unknown attacker hacks scalemodeltoys.com and dumps 2,623 usernames and clear text passwords. | SQLi | Industry: E-Commerce | CC | US | http://pastebin.com/3073415ca |
| 19 | 25/07/2015 | Anonymous | Canada | Hackers from the Anonymous collective say they breached supposedly secure Canadian government computers and accessed high-level, classified national security documents as retaliation for last week’s fatal shooting by the RCMP of a protester in British Columbia. To support their claim, they publish a document that appears to be legitimate Treasury Board of Canada notes on federal cabinet funding to fix flaws in the foreign stations of the Canadian Security Intelligence Service (CSIS). | Unknown | Government | H | CA | http://news.nationalpost.com/news/canada/anonymous-says-it-hacked-canadas-security-secrets-in-retaliation-for-police-shooting-of-b-c-activist |
| 20 | 25/07/2015 | @NightmareSquad | University of Queensland http://www.uq.edu.au/ | A group of hacktivists calling themselves @NightmareSquad hacks the University of Queensland and dumps 9 individuals’ e-mail addresses and clear-text passwords. | Unknown | Education | H | AU | http://www.databreaches.net/au-university-of-queensland-logins-leaked-by-nightmare-squad/ |
| 21 | 25/07/2015 | The Exploit3rs | Morocco ccTLD | A group of hackers going by the handle of The Exploit3rs defaces the official Moroccan domains of Google, Microsoft and Kaspersky Labs. The attack was possible since the attackers hacked into the Internet country code top-level domain (ccTLD) for Morocco. | DNS Hijacking | Internet Services | CC | MA | https://www.hackread.com/google-microsoft-kaspersky-morocco-hacked/ |
| 22 | 26/07/2015 | VikingDom2016 | NYMag.com (New York Magazine) | New York magazine’s website was taken down, apparently by hackers trying to silence it, just hours after publishing the accounts of 35 women who say they were raped by Bill Cosby. | DDoS | News | CC | US | http://qz.com/464609/hackers-say-we-know-one-of-them-females-in-the-cover-after-new-york-magazines-website-goes-down-in-an-attack/ |
| 23 | 26/07/2015 | ? | Planned Parenthood | A group of hackers who oppose the healthcare nonprofit's abortion practices release Planned Parenthood's website databases as well as names and email addresses of the organization's employees. | SQLi | Org: Health | H | US | http://www.dailydot.com/politics/planned-parenthood-hacked-anti-abortion-3301/ |
| 24 | 29/07/2015 | ? (China?) | United Airlines | A report from Bloomberg reveals that the hackers who stole data on tens of millions of U.S. insurance holders and government employees in recent months breached another big target at around the same time: United Airlines. The attack probably happened in May, early June. | Targeted Attack | Industry: Airline | CE | US | http://www.bloomberg.com/news/articles/2015-07-29/china-tied-hackers-that-hit-u-s-said-to-breach-united-airlines |
| 25 | 29/07/2015 | ? | Hanesbrands Inc. | Hanesbrands Inc. reveals that a customer order database was breached by a hacker in June, compromising information for about 900,000 online and telephone customers. | Unknown | Industry: Clothing | CC | US | http://www.journalnow.com/business/business_news/local/hanesbrands-database-hacked/article_543b338e-3664-11e5-b77e-c77df1e08b5c.html |
| 26 | 30/07/2015 | ? | Ukraine | ESET reveals that the Win32/Potao malware family has been used for the past five years in covert targeted attacks against the Ukrainian government, served up by a trojanized Russian version of encryption software TrueCrypt. | Targeted Attack | Government | CE | UA | http://www.infosecurity-magazine.com/news/potao-trojan-served-up-by-russian/ |
| 27 | 30/07/2015 | ? | PagerDuty | Alarm aggregation and dispatching service PagerDuty detects an unauthorized intrusion by an attacker who gained access to customer information, and the company requires that all customers change their passwords. | Unknown | Industry: Software | CC | US | http://www.scmagazine.com/the-data-breach-blog/section/1263/ |
| 28 | 30/07/2015 | ? | Planned Parenthood | Planned Parenthood websites are taken down by a DDoS attack and, according to the main page, undergoing maintenance. | DDoS | Org: Health | H | US | http://www.scmagazine.com/planned-parenthood-websites-downed-in-ddos-attack/article/429563/ |
| 29 | 30/07/2015 | APT29 | >1 | Researchers at FireEye unveil a stealthy malware backdoor, named HAMMERTOSS and attributed to Russian group APT29, which uses Twitter and GitHub to disguise its activity. | Targeted Attack | Government | CE | >1 | http://news.softpedia.com/news/hammertoss-malware-uses-twitter-and-github-to-disguise-its-activity-488123.shtml |
| 30 | 31/07/2015 | ? (China?) | University of Connecticut School of Engineering | The University of Connecticut reveals the details of a cyber intrusion through which hackers apparently originating in China gained access to servers at UConn’s School of Engineering. | Targeted Attack | Education | CE | US | http://today.uconn.edu/2015/07/uconn-responds-to-data-breach-at-school-of-engineering/ |
