16-31 August 2016 Cyber Attacks Timeline

Let’s publish the second cyber attacks timeline of August (Part I here).

Another month, another trove of leaked accounts. This fortnight the list of megabreaches includes Dropbox (which acknowledges a 2012 breach potentially affecting 60 million users), three Mail.ru forums (25 million users), DLH.net (9 million keys used to redeem games on the Steam platform), Leet.cc (6 million), the Opera Sync Service (1.7 million) and the Epic Games Forum with “only” 800,000 users… Not bad at all, is it?

On a different front, Leoni AG was the victim of a BEC scam, losing €40 million ($44.6 million) after one of its financial officers transferred funds to a wrong bank account made up by the attackers.

And while SWIFT disclosed other attacks to its member banks, cyber espionage was equally active. The list of victims includes (but is not limited to) a Donald Trump staff member, the Clinton Foundation, the French shipbuilder DCNS, the New York Times, and several sensitive Australian networks.

Last but not least, hacktivists were probably still on vacation, as the only remarkable events concern Brazil in the wake of the Olympic Games.

As usual, if you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014, 2015 and, in a bit, 2016 (regularly updated). You may also want to have a look at the Cyber Attack Statistics that are regularly published, and follow @paulsparrows on Twitter for the latest updates.

Last but not least, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts), and if useful, you can access the timeline in Google Sheet format.

| ID | Date | Author | Target | Description | Attack | Target Class | Attack Class | Country |
|---|---|---|---|---|---|---|---|---|
| 1 | 05/08/2016 | ? | Android Users | Security researchers from Kaspersky Lab reveal the details of a mobile trojan distributed via the AdSense Network. | Malware (Mobile) | Single Individuals | CC | >1 |
| 2 | 16/08/2016 | ? | Leoni AG | Leoni AG, Europe's biggest manufacturer of wires and electrical cables and the fourth-largest vendor in the world, announces it lost €40 million ($44.6 million) following an online scam that tricked one of its financial officers into transferring funds to the wrong bank account. | Account Hijacking | Industry: Manufacturing | CC | DE |
| 3 | 16/08/2016 | ? | Local Council of Brisbane | The local council of the Australian city of Brisbane loses A$450,000 (£248,000, US$334,000, EUR 293,000) to email-whaling scammers who trick staff into wiring money into their bank accounts. | Account Hijacking | Government | CC | AU |
| 4 | 16/08/2016 | AnonOpsBR | OBS (Olympic Broadcasting Services) | In the name of #OpOlympicHacking, Brazilian hacktivist group AnonOpsBR leaks a supposed data dump of OBS (Olympic Broadcasting Services). | SQLi | Org: Broadcasting | H | INT |
| 5 | 16/08/2016 | ? | socialblade.com | Socialblade.com is hacked and 273,086 users are leaked. | Unknown | Social network | CC | CA |
| 6 | 17/08/2016 | ? | Industrial and Engineering Companies | Kaspersky reveals the details of Operation Ghoul, a campaign targeting several industrial and engineering companies primarily in the United Arab Emirates. | Targeted Attack | >1 | CC | >1 |
| 7 | 17/08/2016 | ? | Center for Neurosurgical and Spinal Disorders | The Center for Neurosurgical and Spinal Disorders announces a breach that occurred in July. A hacker gained remote access to the office manager's computer and obtained screenshots of 1000+ patients' information. | Unknown | Healthcare | CC | US |
| 8 | 18/08/2016 | ? | Eddie Bauer | Eddie Bauer announces that unknown intruders broke into its network and planted malware for capturing payment card data from its POS network. Data belonging to customers who used payment cards at all 370 Eddie Bauer locations in the US and Canada was compromised. | PoS Malware | Industry: Retail | CC | US |
| 9 | 18/08/2016 | ? | Donald Trump staff member | Reuters reveals that hackers targeted the computer systems of presidential candidate Donald Trump and Republican Party organizations. | Targeted Attack | Cyber Espionage | CE | US |
| 10 | 18/08/2016 | ? | DLH.net | LeakedSource reveals that more than nine million keys used to redeem and activate games on the Steam platform were stolen by a hacker who breached DLH.net last month. | vBulletin Vulnerability | Online Services | CC | DE |
| 11 | 18/08/2016 | Suspected Russian Hackers? | The Clinton Foundation | The Clinton Foundation is said to hire the security firm FireEye to examine its data systems after seeing indications they might have been hacked. | Targeted Attack | Org: Non-Profit | CE | US |
| 12 | 18/08/2016 | ? | Leet.cc | Leet.cc, a service for creating and running Minecraft Pocket Edition servers, is hacked and 6 million accounts are dumped in the dark web. | Unknown | Online Services | CC | US |
| 13 | 18/08/2016 | Master of Pain | International Weightlifting Federation (iwf.net) | Iranian hackers deface the website of the International Weightlifting Federation (IWF), following a controversial decision that disqualified Iranian weightlifter Behdad Salimikordasiabi. | Defacement | Org: Sport | CC | INT |
| 14 | 18/08/2016 | Hacktivists from itsgoingdown.org | Road Signs | Hacktivists from itsgoingdown.org hack a road sign to display messages against the police. | Unknown | Road Sign | H | US |
| 15 | 20/08/2016 | Suspected Chinese Hackers? | National Defense University (NDU) | The National Defense University (NDU) in Taiwan confirms that its computer system had been hacked in July but also confirms that no classified information had been stolen. | Targeted Attack | Education | CE | TW |
| 16 | 21/08/2016 | prom | Cincinnati Zoo Botanical Garden director Thane Maynard Twitter Account | The Twitter account of the Cincinnati Zoo Botanical Garden director, Thane Maynard, is hacked by an attacker called @prom. In his tweets the attacker refers repeatedly to Harambe, the endangered gorilla killed this summer to protect a child that climbed into the primate's enclosure. | Account Hijacking | Single Individual | H | US |
| 17 | 20/08/2016 | OurMine | Wikipedia co-founder Jimmy Wales Twitter Account (@jimmy_wales) | Wikipedia co-founder Jimmy Wales' Twitter account is hacked by the infamous collective OurMine and posts bogus news of his death. | Account Hijacking | Single Individual | CC | US |
| 18 | 22/08/2016 | ? | Unreal Engine Forum Unreal Tournament Forum | Epic Games confirms that the Unreal Engine and Unreal Tournament forums as well as some of its legacy forums were compromised in a massive breach affecting over 800,000 users. The attack was allegedly carried out on 11 August. | SQLi | Industry: Video Games | CC | US |
| 19 | 22/08/2016 | ? | Turkish investigative journalist Barış Pehlivan | Turkish investigative journalist Barış Pehlivan spent 19 months in jail, accused of terrorism based on documents found on his work computer. An investigation reveals that those files were put there by someone who removed the hard drive from the case, copied the documents, and then reinstalled the hard drive. The attackers also attempted to control the journalist’s machine remotely, trying to infect it using malicious email attachments and thumb drives. Among the viruses detected in his computer was an extremely rare trojan called Ahtapot. | Targeted Attack | Single Individual | CC | TR |
| 20 | 22/08/2016 | ? | SCAN Health Plan | SCAN Health Plan notifies users that remote attackers were able to gain access to the contact sheets system and accessed the personal information of past and current members and some non-plan members of SCAN Health Plan, SCAN Health Plan Arizona, and VillageHealth plans. | Unknown | Healthcare | CC | US |
| 21 | 23/08/2016 | ? | DCNS | India investigates a massive data leak from French shipbuilder DCNS that affected a major submarine contract for its navy, defence officials say. The company admits the leak is the result of a hack. | Unknown | Industry: Defence | CE | FR |
| 22 | 23/08/2016 | ? | Government Savings Bank (GSB) | The central bank of Thailand (BoT) issues a warning to commercial banks in the region about security vulnerabilities in roughly 10,000 NCR ATMs that were exploited by an Eastern European gang of cybercriminals to steal 12 million baht (£260,000, $350,000). | Undisclosed Vulnerability | Finance | CC | TH |
| 23 | 23/08/2016 | ? | Blizzard's Battle.net servers | Blizzard's Battle.net servers are hit with yet another DDoS attack. | DDoS | Industry: Video Games | CC | US |
| 24 | 23/08/2016 | ? | gtagaming.com | The gtagaming.com forum is hacked and the details of 200,000 users are consequently compromised. | vBulletin Vulnerability | Online Forum | CC | US |
| 25 | 23/08/2016 | SonnySpooks | mylloyd.com | SonnySpooks hacks mylloyd.com and dumps 30,638 usernames and passwords. | Unknown | Industry: Engineering | CC | IN |
| 26 | 24/08/2016 | Two Unknown Hackers | Three Mail.ru Forums: cfire.mail.ru, parapa.mail.ru, tanks.mail.ru | Three Mail.ru forums are hacked resulting in over 25 million user accounts being compromised. Hackers breached three separate forums: cfire.mail.ru (Cross Fire game), parapa.mail.ru (ParaPa Dance City game) and tanks.mail.ru (Ground War: Tank game) and stole usernames, email addresses, passwords and more. The hack happened earlier in August. | SQLi | Industry: Internet | CC | RU |
| 27 | 24/08/2016 | Russian State Sponsored Hackers | The New York Times | CNN reveals that hackers thought to be working for Russian intelligence have carried out a series of cyber breaches over the past few months targeting reporters at The New York Times and other US news organizations. | Targeted Attack | News | CE | US |
| 28 | 24/08/2016 | ? | Leslie Jones Website | An unknown hacker breaks into the personal website of Leslie Jones (Ghostbusters reboot's co-star) and posts all of her identification, including driver's license, passport, and personal photos. | Unknown | Single Individual | CC | US |
| 29 | 24/08/2016 | ? | Cincinnati Zoo Botanical Garden director Thane Maynard Twitter Account | The Twitter account of the Cincinnati Zoo Botanical Garden director, Thane Maynard, is hacked for the second time in a few days by an unknown attacker. | Account Hijacking | Single Individual | CC | US |
| 30 | 24/08/2016 | ? | Orleans Medical Clinic Patient | Orleans Medical Clinic reveals that it was recently the victim of a hacking incident that resulted in inappropriate access to certain information about the Clinic’s 6,890 patients. | Unknown | Healthcare | CC | US |
| 31 | 24/08/2016 | ? | Funcom | Funcom, makers of The Secret World, The Longest Journey, Age of Conan and Anarchy Online, announced earlier this morning that their forums have been compromised and user data exposed. | Unknown | Industry: Video Games | CC | NO |
| 32 | 24/08/2016 | Mr. High | Fish and wildlife agencies of Washington, Kentucky, Oregon and Idaho | A hacker called Mr. High claims to have hacked the fish and wildlife agencies of Washington, Kentucky, Oregon and Idaho. Nearly 7,000,000 records are leaked. | Unknown | Government | CC | US |
| 33 | 26/08/2016 | ? | Dropbox | Dropbox forces a number of users to change their passwords after discovering a set of account details linked to an old data breach. The breach dates back to 2012 and affects potentially 60 million users. | Unknown | Industry: Online Services | CC | US |
| 34 | 26/08/2016 | ? | Opera Web Browser Sync System | Opera confirms that an unknown hacker managed to gain access to its Opera sync system, potentially compromising the data of about 1.7 million active users. In response to the breach, the company has issued a forced password reset for all Sync users. | Unknown | Industry: Software | CC | NO |
| 35 | 26/08/2016 | Team Error 404 | Tom Hiddleston's Instagram Account | Tom Hiddleston's brand new Instagram account is hacked just weeks after he joined and starts to post some odd posts. | Account Hijacking | Single Individual | CC | UK |
| 36 | 26/08/2016 | The Sri Lanka Youth | Sri Lanka President Maithripala Sirisena Website (president.gov.lk) | A seventeen-year-old schoolboy, under the pseudonym "The Sri Lanka Youth", defaces the website of Sri Lanka president Maithripala Sirisena (president.gov.lk) because of a scheduling conflict with the exams' dates. The author is arrested a few days later. | Defacement | Government | CC | LK |
| 37 | 26/08/2016 | ? | Two unnamed petrochemical complexes in Iran | Bloomberg reveals that Iran has detected and removed malicious software from two of its petrochemical complexes. The malware was "inactive" and seems not to be related to recent petrochemical fires. | Targeted Attack | Industry: Oil | CW | IR |
| 38 | 26/08/2016 | ? | Millennium Hotels And Resorts (MHR) | Millennium Hotels And Resorts (MHR) announce investigations into a suspected data breach at its properties following notifications received from the US Secret Service. | PoS Malware | Industry: Hotel and Hospitality | CC | US |
| 39 | 26/08/2016 | ? | Noble House Hotels and Resorts (NHHR) | Noble House Hotels and Resorts also announces an investigation following a data breach at its PoS System. | PoS Malware | Industry: Hotel and Hospitality | CC | US |
| 40 | 26/08/2016 | ? | Municipal District of the Opportunity No. 17 (Northern Alberta) | The Municipal District of the Opportunity No. 17 announces that all its files were accessed, including personal and financial information. | Unknown | Government | CC | CA |
| 41 | 27/08/2016 | Ghost Squad Hackers (GSH) | Bank of Israel and the Prime Minister's Office | Hackers from the collective Ghost Squad Hackers (GSH) take down the websites of the Bank of Israel (bankisrael.gov.il) and the Prime Minister's Office (pmo.gov.il). The attacks are carried out to protest against the occupation of Palestine. | DoS | Government | H | IL |
| 42 | 27/08/2016 | Anonymous | Deutsche Immobilien-Leasing Ltd (Dil.de) | In the name of OpAnarchists, Anonymous defaces the official website of Deutsche Immobilien-Leasing Ltd (Dil.de). | Defacement | Finance | H | DE |
| 43 | 28/08/2016 | Shad0wS3C | Paraguay's Secretary of National Emergency (seng.gov.py) | Shad0wS3C leaks some internal data from Paraguay's Secretary of National Emergency (SNE). | SQLi | Government | H | PY |
| 44 | 28/08/2016 | Websites Hunter | Kuwait Automotive Imports Company (Kaico.net) | A hacker going by the handle of “Websites Hunter” breaches the server of Kuwait Automotive Imports Company (Kaico.net) and steals personal details of 10,000 customers. | Unknown | Industry: Automotive | CC | KW |
| 45 | 29/08/2016 | ? | Infowars (infowars.com) | Motherboard reveals that about 50,000 subscriber accounts for media company Infowars are being traded in the digital underground. The company admits the data was dumped from a breach that occurred in 2012. | SQLi | Industry: Media | CC | US |
| 46 | 29/08/2016 | Cozy Bear or APT29 | Several Russia-focused think tanks in Washington | Defense One reveals that the same Kremlin-backed group that hacked the Pentagon, State Department, and DNC also targeted several Russia-focused think tanks in Washington. | Targeted Attack | Org: Think Tank | CE | US |
| 47 | 29/08/2016 | Suspected state-sponsored hackers based in China | Sensitive Australian Government and corporate computer networks | Several sensitive Australian Government and corporate computer networks, including Australia's defence research division, the Defence Science Technology Group and Austrade, the Australian trade commission, are believed to have been targeted by China-based hackers. | Targeted Attack | Government | CE | AU |
| 48 | 29/08/2016 | ? | Mr Chow | The website for popular fine Chinese cuisine “Mr Chow” restaurants has been hacked and is redirecting visitors to ransomware. | Malicious Script Injection | Industry: Restaurant | CC | US |
| 49 | 30/08/2016 | ? | SWIFT | SWIFT discloses new hacking attacks on its member banks as it pressured them to comply with security procedures instituted after February's high-profile $81 million heist at Bangladesh Bank. In a private letter to clients, SWIFT says that new cyber-theft attempts - some of them successful - have surfaced since June, when it last updated customers on a string of attacks discovered after the attack on the Bangladesh central bank. | Malware | Finance | CC | >1 |
| 50 | 30/08/2016 | Suspected state-sponsored hackers based in Russia | Arizona and Illinois voter database | US intelligence officials confirm that hackers based in Russia were behind two recent attempts to breach state voter registration databases. The breaches included the theft of data from as many as 200,000 voter records in Illinois. | Targeted Attack | Government | CC | US |
| 51 | 30/08/2016 | ? | Minecraft World Map (minecraftworldmap.com) | About 71,000 user accounts and IP addresses have been leaked from Minecraft fan website Minecraft World Map. The dump includes email addresses, IP address data, usernames, and passwords for popular site Minecraft World Map. | Unknown | Online Services | CC | US |
| 52 | 30/08/2016 | ? | Unnamed Government Institutions in Saudi Arabia | Officials and cyber-security experts from Saudi Arabia hold urgent talks in Riyadh following cyber-attacks against several government facilities. | Unknown | Government | CE | SA |
| 53 | 30/08/2016 | OurMine | Amanda Cerny's Vine account | Hackers from the collective OurMine hijack Amanda Cerny's Vine account. | Account Hijacking | Single Individual | CC | US |
| 54 | 31/08/2016 | ? | OneLogin | Online password manager OneLogin is breached. In particular the Secure Notes facility was breached, allowing the intruder to read in cleartext notes edited between 2 June and 25 August this year. | Unspecified Bug | Industry: Software | CC | US |
| 55 | 31/08/2016 | PoodleCorp | Electronic Arts | The PoodleCorp collective claims to have taken down the EA servers shortly after the open beta for upcoming shooter Battlefield 1 went live. | DDoS | Industry: Video Games | CC | US |
| 56 | 31/08/2016 | ? | Jerry's Artarama | A letter goes out to customers of Jerry's Artarama advising that its online portal "may have been attacked" by a hacker and customer information "may have been compromised." | Unknown | Industry: E-Commerce | CC | US |
| 57 | 31/08/2016 | ? | Redis Database Users | Duo Security discovers that an unknown crook is hacking more than 18,000 Internet-exposed Redis servers, adding a rogue SSH key on infected systems, deleting user data, and leaving a ransom note behind in an attempt to fool the server owner that their data was encrypted by ransomware. | Redis Database Misconfiguration | Single Individuals | CC | >1 |
| 58 | 31/08/2016 | ? | Presnell Gage | Accounting firm Presnell Gage notifies about 100 individuals or companies that their information may have been hacked during a data breach in the past month, and fraudulent tax returns filed. | Unknown | Accounting Firm | CC | US |
| 59 | 31/08/2016 | ? | The New York State Psychiatric Institute | The New York State Psychiatric Institute notifies 21,880 research participants of a hack that happened between April and May. | Unknown | Healthcare | CC | US |
