1-15 July 2017 Cyber Attacks Timeline

Et voilà, the time has come to publish the first timeline of July, covering the main cyber attacks that occurred during the first two weeks of the month.

And even if the number of attacks has noticeably decreased, the July sun has brought us the real extent of the breach at Sabre Hospitality Solutions! The company has acknowledged the incident, which occurred earlier in May, and immediately afterwards the list of affected companies began to populate, including Google, Hard Rock Hotels & Casinos, Loews Hotels, Four Seasons Hotels and Resorts and, once again, Trump International Hotels Management.

Other interesting events include what is probably the biggest breach in India (120 million Reliance Jio customers), the discovery of a breach suffered by Avanti Markets, a cyber attack against the energy network running the Republic of Ireland’s national grid, and the discovery of yet another operation against critical infrastructure and energy companies around the world, primarily in Europe and the United States.

As usual, scroll down the whole list for all the events that happened in this fortnight. And if you want to have an idea of how fragile our electronic identity is inside cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014, 2015 and 2016 (regularly updated). You may also want to have a look at the Cyber Attack Statistics that are regularly published, and follow @paulsparrows on Twitter for the latest updates.

Additionally, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts), and if useful, you can access the timeline in Google Sheet format.

| ID | Date | Author | Target | Description | Attack | Target Class | Attack Class | Country |
|---|---|---|---|---|---|---|---|---|
| 1 | 01/07/2017 | ? | PVHS-ICM Employee Health and Wellness | PVHS-ICM Employee Health and Wellness notifies its patients that it has been hit by a ransomware attack. | Malware | Healthcare | CC | US |
| 2 | 03/07/2017 | ? | Medicare | The Guardian reveals that a darknet trader is illegally selling the Medicare patient details of any Australian on request by “exploiting a vulnerability” in a government system. | Undisclosed Vulnerability | Healthcare | CC | AU |
| 3 | 03/07/2017 | ? | Google | In the wake of the breach that occurred at Sabre Hospitality Solutions earlier in May, the personal details of a small number of Google staffers have been exposed, according to a notification letter Google sends out to affected employees. | Account Hijacking | Industry: Internet Services | CC | US |
| 4 | 06/07/2017 | ? | Hard Rock Hotels & Casinos | Another consequence of the Sabre breach: Hard Rock Hotels & Casinos reveals that for seven months, attackers had unauthorized access to a third-party reservation system, which allowed them to obtain unencrypted credit card payment information, as well as guest names, addresses and phone numbers. | Account Hijacking | Industry: Hotel and Hospitality | CC | US |
| 5 | 06/07/2017 | ? | Loews Hotels | And the same happens for luxury hotel chain Loews Hotels. | Account Hijacking | Industry: Hotel and Hospitality | CC | US |
| 6 | 06/07/2017 | ? | Four Seasons Hotels and Resorts | And the list of the victims of the Sabre attack also includes Four Seasons Hotels and Resorts. | Account Hijacking | Industry: Hotel and Hospitality | CC | US |
| 7 | 06/07/2017 | ? | Android Devices | Check Point reveals the details of CopyCat, a new strain of malware that has infected more than 14 million Android devices around the world, rooting phones and hijacking apps to make millions in fraudulent ad revenue. | Malware | Single Individuals | CC | >1 |
| 8 | 06/07/2017 | ? | Android Devices | Trend Micro reveals the details of SLocker, a variant of the oldest lock-screen and file-encrypting ransomware, using the WannaCry interface. | Malware | Single Individuals | CC | >1 |
| 9 | 07/07/2017 | ? | gandi.net | French domain registrar Gandi loses control over 751 customer domains, which have their DNS records altered to point incoming traffic to websites hosting exploit kits. | DNS Hijacking | Industry: Web Hosting | CC | FR |
| 10 | 07/07/2017 | ? | B&B Theatres | B&B Theatres, a company that owns and operates the 7th-largest theater chain in America, says it is investigating a breach of its credit card systems starting in September 2015. | Malware | Industry: Entertainment | CC | US |
| 11 | 07/07/2017 | ? | Critical infrastructure and energy companies around the world, primarily in Europe and the United States | Talos reveals the details of an email-based attack targeting the energy sector, including nuclear power, at multiple energy companies around the world, primarily in Europe and the US. | Targeted Attack | Utility: Energy | CE | >1 |
| 12 | 08/07/2017 | ? | Avanti Markets | Avanti Markets, a self-service payment kiosk vendor, acknowledges having suffered a breach of its internal networks in which hackers were able to push malicious software out to payment devices. | Malware | Industry: Payment Kiosks | CC | US |
| 13 | 08/07/2017 | ? | Deep Hosting | Deep Hosting, a Dark Web hosting service, admits to having suffered a major security incident during which "some sites have been exported". | Remote Shell | Dark Web Hosting | CC | N/A |
| 14 | 09/07/2017 | ? | Reliance Jio | Personal details of some 120 million Reliance Jio customers are exposed on the Internet in probably the biggest breach of personal data ever in India. | Unknown | Industry: Telco | CC | IN |
| 15 | 09/07/2017 | ? | Real Estate Business Services (REBS) | Real Estate Business Services (REBS), a subsidiary of the California Association of Realtors, acknowledges having suffered a data breach that exposed user information for a two-month period earlier this year. | PoS Malware | Org: Real Estate | CC | US |
| 16 | 10/07/2017 | ? | Swiss Banks | Researchers from Trend Micro discover a new variant of Operation Emmental, targeting Swiss banks using a variant of the DoK Mac OS X malware. | Malware | Finance | CC | CH |
| 17 | 10/07/2017 | ? | Android Devices | Researchers from McAfee reveal the details of a mobile ransomware known as LeakerLocker, which threatens to dox users as a means of extortion. | Malware | Single Individuals | CC | >1 |
| 18 | 11/07/2017 | ? | Trump International Hotels Management | Trump International Hotels Management reveals that the data breach at Sabre Corp, which occurred in May 2017, compromised card payment details at 14 of its properties. The compromised information included payment card numbers and card security codes for some of the hotel chain's reservations. | Malware | Industry: Hotel and Hospitality | CC | US |
| 19 | 11/07/2017 | ? | Single Individuals | Trend Micro reveals the details of a surging campaign using a remote access tool (RAT) known as Adwind, which has the ability to steal passwords, collect keystrokes and covertly record audio using an infected device's microphone. | Malware | Single Individuals | CC | US |
| 20 | 11/07/2017 | ? | Mansfield 103.2 | The UK Communications Regulator (Ofcom) is hunting a pirate who persistently overrides the frequency of Mansfield 103.2 to play a modified version of "The Winker’s Song". | Unknown | Radio Station | CC | UK |
| 21 | 11/07/2017 | ? | Community Care of St. Catharines and Thorold | Community Care of St. Catharines and Thorold reports that it is still recovering from a cyberattack that shut its computers down for more than a week. | Malware | Org: Non-Profit | CC | US |
| 22 | 13/07/2017 | ? | Unfinished WordPress Installations | Researchers from security firm Wordfence say they have observed a wave of web attacks that took aim at unfinished WordPress installations. | Account Hijacking | Single Individuals | CC | >1 |
| 23 | 14/07/2017 | ? | Square Enix | Square Enix attributes the connectivity issues that have plagued Final Fantasy 14's Stormblood expansion since its release in June to continuous distributed denial-of-service (DDoS) attacks from a third party. | DDoS | Industry: Video Games | CC | JP |
| 24 | 14/07/2017 | ? | Peachtree Neurological Clinic | While investigating a ransomware incident, Peachtree Neurological Clinic discovers that its computer system had previously been accessed without its knowledge by unauthorized individuals between February 2016 and May 2017. | Unknown | Healthcare | CC | US |
| 25 | 15/07/2017 | ? | Republic of Ireland’s Power Grid | The Times reveals that hackers backed by the Russian government have attacked energy networks running the national grid in parts of the UK. In particular, the hackers targeted the Republic of Ireland’s energy sector, aiming to infiltrate control systems. | Targeted Attack | Utility: Energy | CW | UK |
