16-30 June 2016 Cyber Attacks Timeline

If you had any hope that the trail of mega breaches and mega hacks could end in June, you will be disappointed, since the second half of the month has confirmed, if not worsened, the trend of the last period.

Unsurprisingly more and more records are on sale in the dark web. The list of this fortnight includes 154 million voter profiles on US citizens, 1.1 million users of Lookbook, a social fashion community, 9.2 million records siphoned from at least 3 healthcare databases and, last but not least, a mid-2014 copy of the controversial database World-Check containing details of 2.2 million individuals suspected of terrorism.

The trend of mega hacks continued as well, and the most noticeable cases concern the DAO foundation (criminals made off with more than 3.6 million Ethereum, whose value is between $45 and $77 million given the consequent volatility of the value), yet another attack carried out via the SWIFT messaging system, in which $10 million was stolen from an unnamed Ukrainian bank according to an ISACA report, and a global password reset for “GoToMyPC” users amid a “sophisticated cyber attack”.

The list of victims also includes Google CEO Sundar Pichai and Brendan Iribe, CEO of virtual reality company Oculus, whose Twitter accounts have been hacked (but this time with limited damage, except to the reputation of the owners), and the US Democratic Party, which had other internal documents leaked by Guccifer 2.0.

As usual, scroll down the timeline for the details of the events (and remember that the description has a hyperlink that jumps to the original source). And if you want to have an idea of how fragile our electronic identity is in cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014, 2015 and, in a bit, 2016 (regularly updated). You may also want to have a look at the Cyber Attack Statistics that are regularly published, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Additionally, if you want, you can access the timeline in Google Sheet format.

| ID | Date | Author | Target | Description | Attack | Target Class | Attack Class | Country |
|---|---|---|---|---|---|---|---|---|
| 1 | 14/06/2016 | ? | Vermont Fish & Wildlife Department | The Vermont Fish & Wildlife Department reports that data of those purchasing hunting or fishing licenses may have been compromised on two separate occasions (December 2015 and again in January 2016). | Unknown | Government | CC | US |
| 2 | 15/06/2016 | 1×0123 | Fidelity National Information Services, Inc. (FIS Global) | 1×0123, the same hacker who previously claimed to have hacked PornHub, claims to have hacked the client portal of Fidelity National Information Services. | Undisclosed Vulnerability | Industry: Finance | CC | US |
| 3 | 15/06/2016 | ? | Unnamed Chinese Gambling Site | Incapsula reveals the details of a 470 Gbps DDoS attack on an unnamed gambling website. | DDoS | Industry: Gambling | CC | CN |
| 4 | 15/06/2016 | ? | Multi-Color Corporation | Multi-Color, a label solutions firm, reports that a break-in at a third party affiliate resulted in the compromise of Multi-Color employee personally identifiable information. | Unknown | Industry: Label Solutions | CC | US |
| 5 | 16/06/2016 | ? | Jordan’s Official News Agency | Jordan’s official state news agency has claimed a hacker is responsible for breaching its computer system to insert false comments into a story describing how Saudi Arabia royalty funded 20% of Hillary Clinton’s presidential campaign. | Unknown | News | CC | JO |
| 6 | 17/06/2016 | ? | The DAO | Unknown attackers attack the DAO foundation and steal more than 3.6 million Ethereum (whose value is between $45 and $77 million). | Crypto Currency Vulnerability | Industry: Cryptocurrency Software | CC | US |
| 7 | 17/06/2016 | ScarCruft | >1 | Kaspersky Lab reveals the details of Operation Daybreak, a campaign carried out by an APT group called ScarCruft and targeting victims in Russia, Nepal, South Korea, China, India, Kuwait and Romania. | Targeted Attack | >1 | CE | >1 |
| 8 | 17/06/2016 | ? | Besa Hitman-for-Hire Service | Once again, bRpsd hacks the Dark Web portal of the Albanian mafia group called Besa and dumps the data online, exposing their hitman-for-hire service. | SQLi | Online Services | CC | AL |
| 9 | 17/06/2016 | Union of Hacktivists | Eleven Media Group (EMG) Myanmar-language website | The Union of Hacktivists defaces the Eleven Media Group (EMG) Myanmar-language website. | Defacement | News | H | MM |
| 10 | 19/06/2016 | ? | GoToMyPC | GoToMyPC, the remote access software service, is hit by hackers conducting a “very sophisticated password attack”. The company initiates password resets for all users. | Targeted Attack | Industry: Software | CC | US |
| 11 | 19/06/2016 | ? | Quebec Liberal Party (PLQ) | The Quebec Liberal Party (PLQ) fixes a security issue in their video conferencing software that allowed an unknown hacker to spy on their meetings and even access the video camera. | Undisclosed Vulnerability | Org: Political Party | CC | CA |
| 12 | 20/06/2016 | The United Cyber Caliphate | 77 U.S. and NATO air force facilities around the world | ISIS Cyber Caliphate has collected information on 77 U.S. and NATO air force facilities around the world and is calling on supporters to attack them, according to South Korea’s intelligence agency. The terror group has also released information on individuals in 21 countries. | Unknown | Military | CW | US |
| 13 | 20/06/2016 | Lizard Squad | Blizzard’s Battle.net | Blizzard’s Battle.net experiences an outage, leaving players unable to log in to popular games such as Overwatch, Hearthstone and World of Warcraft due to an alleged DDoS attack. Notorious hacker group Lizard Squad has claimed responsibility for the latest disruption. | DDoS | Industry: Video Games | CC | US |
| 14 | 20/06/2016 | Guccifer 2.0 | US Democratic Party | Guccifer 2.0, the hacker who previously hacked the Democratic National Committee, leaks 21 internal documents on Hillary Clinton. | Unknown | Org: Political Party | CC | US |
| 15 | 20/06/2016 | ? | jkanime.net | An anime site popular in Mexico and South America is infected with malware redirecting visitors to a Neutrino Exploit Kit landing page. The site, Jkanime, streams anime video and has 33 million monthly visitors. | Malicious JS redirection | Online Streaming | CC | MX |
| 16 | 20/06/2016 | ? | Single Individuals | Researchers from OpenDNS detect a phishing and typosquatting campaign aimed at stealing Bitcoin and blockchain wallet credentials. | Account Hijacking | Bitcoin Wallets | CC | >1 |
| 17 | 21/06/2016 | nofawkX-al | Romanian Football Federation (FRF) | An Albanian hacker named nofawkX-al defaces the website of the Romanian Football Federation (FRF), two days after the Albanian football team defeated the Romanian football team at the 2016 European Football Championship. | Defacement | Org: Sport (Football) | H | RO |
| 18 | 21/06/2016 | Guccifer 2.0 | US Democratic Party | Guccifer 2.0 leaks 260 additional internal documents on Hillary Clinton. | Unknown | Org: Political Party | CC | US |
| 19 | 21/06/2016 | ? | Carbonite | Online backup service Carbonite forces users to pick new passwords in the wake of discovering that it was under a large-scale account takeover attack. | Account Hijacking | Industry: Online Services | CC | US |
| 20 | 22/06/2016 | ? | University of Cambridge’s Cambridge Schools Classics Project (cambridgescp.com) | Hackers hit the University of Cambridge’s Cambridge Schools Classics Project website, exposing the email addresses and cleartext passwords of over 1,500 students and employees. The University confirms the breach. | Unknown | Education | CC | UK |
| 21 | 22/06/2016 | Anonymous Legion | Minnesota Judicial Court (mncourts.gov) | Anonymous Legion claims responsibility for taking down the Minnesota Judicial Branch’s website (mncourts.gov). | DDoS | Government | H | US |
| 22 | 23/06/2016 | ElSurveillance | 40 escort services websites | As part of a campaign dubbed #EscortsOffline, ElSurveillance defaces nearly 40 websites that offer escort services and claims to be on the verge of leaking data on 100,000 registered users. | Defacement | Escort websites | H | >1 |
| 23 | 23/06/2016 | ? | Unnamed Company | A database containing 154 million voter profiles on US citizens is exposed online. | Unknown | N/A | CC | US |
| 24 | 23/06/2016 | ? | IRS.gov | The IRS announces that it has removed its electronic filing PIN tool (e-File PIN), following “additional questionable activity.” | Account Hijacking | Government | CC | US |
| 25 | 23/06/2016 | ? | Air India | India’s national airline, Air India, is the target of a hacking campaign exploiting members of the airline’s frequent-flyer program to make away with air miles. | Account Hijacking | Industry: Airline | CC | IN |
| 26 | 23/06/2016 | Ghost Squad Hackers | 2,347 US Army personnel | As part of #OpSilence, Ghost Squad Hackers publish a file containing data of 2,437 US Army personnel, including names, emails, phone numbers, full addresses and credit card data. | Unknown | Military | H | US |
| 27 | 24/06/2016 | ? | Japanese Businesses | Security researchers discover a rare malware family in attacks that targeted numerous Japanese businesses, showing a modus operandi similar to that adopted in actions against the Taiwanese government in 2012. | Targeted Attack | >1 | CE | JP |
| 28 | 25/06/2016 | ? | Unnamed Ukrainian Bank | Another hack carried out via the SWIFT messaging system: this time hackers have stolen $10 million from an unnamed Ukrainian bank, according to an ISACA report. | Targeted Attack | Finance | CC | UA |
| 29 | 26/06/2016 | thedarkoverlord | Three unnamed healthcare organizations | A hacker called thedarkoverlord advertises hundreds of thousands of alleged records from healthcare organizations on a dark web marketplace, including social security and insurance policy numbers. | Unknown | Healthcare | CC | US |
| 30 | 26/06/2016 | Red Hell Sofyan | Oi | An Algerian hacker called Red Hell Sofyan defaces the official website of Oi telecom along with several of its subdomains. | Defacement | Industry: Telco | H | BR |
| 31 | 26/06/2016 | Nofawkx-al Kkuq e zi | South Yorkshire Police | Two Albanian hackers deface the South Yorkshire Police website. | Defacement | Law Enforcement | H | UK |
| 32 | 26/06/2016 | ? | lookbook.nu | Login data of Lookbook’s 1.1 million users is available on the darknet for sale. | Unknown | Social network | CC | US |
| 33 | 27/06/2016 | OurMine | Twitter account of Sundar Pichai, Google CEO | Google CEO Sundar Pichai is the latest victim of the hacking group ‘OurMine’ after his Twitter-linked Quora account is temporarily compromised and filled with spam links. | Account Hijacking | Single Individual | CC | US |
| 34 | 27/06/2016 | ? | Deutsche Telekom | Deutsche Telekom has warned its customers that it found account passwords for sale on the dark web. | Unknown | Industry: Telco | CC | DE |
| 35 | 27/06/2016 | TG-4127 | 1,800 targets with info interesting to Russian government | Researchers at SecureWorks disclose the details of Threat Group 4127, a state-sponsored actor targeting 1,800 targets with info interesting to the Russian government. | Targeted Attack | >1 | CE | >1 |
| 36 | 28/06/2016 | ? | World-Check Database | Researcher Chris Vickery reveals that he has obtained a mid-2014 copy of the controversial database World-Check containing details of 2.2 million individuals suspected of terrorism. | Unknown | Industry: Media | CC | CA |
| 37 | 28/06/2016 | ? | Unnamed Jewelry Shop | Researchers from Sucuri reveal the details of a massive DDoS attack against an unnamed jewelry shop, carried out by leveraging a network of 25,000 compromised CCTV boxes. | DDoS | Industry: Jewelry | CC | N/A |
| 38 | 28/06/2016 | ? | More than a dozen House Democrats’ official websites | More than a dozen House Democrats’ official websites are taken down, after Democrats ended an overnight sit-in to press for a vote on gun control legislation. | DDoS | Org: Political Party | CC | US |
| 39 | 28/06/2016 | thedarkoverlord | Multiple Healthcare Databases | Here we are again, this time thedarkoverlord claims to have broken into multiple healthcare databases across America and lists a fresh trove of 9.2m records on a Dark Web-based marketplace for 750 bitcoin (£368,000). | Undisclosed Vulnerability | Healthcare | CC | US |
| 40 | 28/06/2016 | ? | Noodles & Company | Noodles & Company announces that malware infected its backend card processing system and may have compromised customer credit and debit card data collected between January 31, 2016 and June 2, 2016. | Malware | Industry: Restaurant | CC | US |
| 41 | 29/06/2016 | @Lid | Twitter account of Brendan Iribe, CEO of virtual reality company Oculus | Brendan Iribe, CEO of Facebook-owned virtual reality company Oculus, is the latest victim of the trail of Twitter account hijacks. | Account Hijacking | Single Individual | CC | US |
| 42 | 29/06/2016 | ? | Muslim Match | A niche dating website called Muslim Match has suffered a data breach exposing roughly 150,000 user accounts and more than half a million private messages. | SQLi | Dating | CC | UK |
| 43 | 29/06/2016 | ? | Hard Rock Hotel and Casino Las Vegas | The Hard Rock Hotel and Casino Las Vegas notifies guests of “certain restaurant and retail outlets” located at its Las Vegas casino that hackers breached payment systems, extracting credit card data. | Unknown | Industry: Hotel and Restaurant | CC | US |
| 44 | 29/06/2016 | ? | Washington County Community Development Agency | The Washington County Community Development Agency warns that an unauthorized third party hacked into one of the agency’s servers earlier this month, potentially exposing certain community members’ and employees’ personal information. | Unknown | Government | CC | US |
| 45 | 30/06/2016 | Guccifer 2.0 | US Democratic Party | Guccifer 2.0 releases 25 new documents. | Unknown | Org: Political Party | CC | US |
| 46 | 30/06/2016 | ? | Patterson Dental Supply Inc | A breach at Patterson Dental Supply Inc compromises the information of roughly 4,300 patients of the Massachusetts General Hospital. | Unknown | Industry: Medical Supplies | CC | US |
| 47 | 30/06/2016 | ? | University of Regina | Three University of Regina computers are hacked. Names, student and employee numbers, as well as social insurance numbers, may have been accessed. | Unknown | Education | CC | US |
| 48 | 30/06/2016 | ? | crackingforum.com | The entire database of crackingforum.com (658.644 entries) is leaked on the darknet. | Unknown | Forum | CC | N/A |

 
