Last Updated on January 23, 2016
It’s finally time to publish the timeline of the main cyber attacks occurred in the second half of May.
A two-weeks period that will be remembered for an unprecedented trail of massive breaches, started with Pacnet (number of victims unknown), and continued throughout the month with CareFirst BlueCross BlueShield (1.1 million victims), Adultfriendfinder (4 million), the Saudi Ministry of Foreign Affairs (1 million), the Internal Revenue Systems (100,000), the music streaming portal Gaana.com (7.5 million) and, last but not least, the Japan’s universal public pension system (1.25 million), with a resulting damage report exceeding 10 million of compromised individuals.
These attacks have obviously overshadowed all the other “minor” events, with the partial exception of the DNS Hijacking attack against the Federal Reserve Bank of St. Louis (discovered on May 18, but happened on April 24).
As usual, keep the level of attention high, and if you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014 and now 2015 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
| ID | Date | Author | Target | Description | Attack | Target Class | Cate gory | Country | Link |
|---|---|---|---|---|---|---|---|---|---|
| 1 | May 16 | Pr0digy | jonimitchell.com | A hacker dubbed Pr0digy hacks jonimitchell.com and dumps 9,000 usernames and clear text passwords. | Unknown | Single Individual | CC | US | http://pastebin.com/ek1fXHPp |
| 2 | May 17 | @CyberBloc | Chile’s National Municipal Information System (sinim.gov.cl) | Anonymous AKA @CyberBloc hacks the official website of Chile’s National Municipal Information System (sinim.gov.cl), defacing it and leaking login details of officials. The attack is done in support of student protests against the government’s education policy. | Defacement SQLi | Government | H | CI | https://www.hackread.com/anonymous-hacks-chile-government/ |
| 3 | May 17 | ? | Unnamed Car Park | Vehicles across an entire car park in Manchester have their locks jammed on as the apparent result of a hack. | Jamming | Car Parking | CC | UK | http://www.theregister.co.uk/2015/05/20/car_park_vehicle_locks_hacked_en_masse/ |
| 4 | May 18 | ? | Single Individuals | The Federal Reserve Bank of St. Louis notifies the individuals using its services that on April 24, 2015, unknown hackers manipulated the DNS to redirect some of the Bank’s web traffic to rogue webpages. | DNS Hijacking | Government | CC | US | https://www.stlouisfed.org/news-releases/2015/05/18/password-reset-for-st-louis-fed-research-website-user-accounts |
| 5 | May 18 | AnonGhost | Wayne Country Sheriff’s Department (sheriff.co.wayne.in.us) | In name of OpUSA, the online hacktivists AnonGhost deface the official website of Wayne Country Sheriff’s department (sheriff.co.wayne.in.us/) and leak its database containing login credentials of its employees. | Defacement | Law Enforcement | H | US | https://www.hackread.com/wayne-county-sheriffs-dept-website-defaced/ |
| 6 | May 18 | ? | MetroHealth | MetroHealth notifies nearly 1,000 patients that three computers in its Cardiac Cath Lab were infected with malware, and the affected computers contained their personal information. | Malware | Healthcare | CC | US | http://www.scmagazine.com/three-metrohealth-computers-infected-with-malware-patients-notified/article/415322/ |
| 7 | May 18 | Middle East Cyber Army | English Language Academy of the Univerity of Auckland (ela.auckland.ac.nz) | A hacker group calling itself the Middle East Cyber Army defaces the website of the English Language Academy of the Univerity of Auckland (ela.auckland.ac.nz). | Defacement | Education | H | NZ | http://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=11450531 |
| 8 | May 19 | Anonymous | Italian Ministry of Defense (difesa.it) | After the Expo, the Italian Anonymous target the Italian Ministry of Defense (difesa,it), and leak a list of 1,700 accounts. | SQLi | Government | H | IT | http://www.lastampa.it/2015/05/19/italia/cronache/anonymous-colpisce-il-ministero-della-difesa-qlFNgswyvu20wnQiNYK1kL/pagina.html |
| 9 | May 20 | ? | Pacnet (now part of Telstra Corporation Limited ) | Telstra notifies its customer of a data breach involving its Asian subsidiary Pacnet. Telstra is made aware of the breach on April 16, only after acquiring Pacnet. | SQLi | Industry: Telco | CC | HK SG | http://www.telstra.com.au/aboutus/media/media-releases/pacnet-it-security-breach.xml |
| 10 | May 20 | H1d3n Root | Philadelphia's City Council (phlcouncil.com) | The website for Philadelphia's City Council (phlcouncil.com) is hacked by a pro-Muslim hacker calling himself H1d3n Root. | Defacement | Government | H | US | http://www.philly.com/philly/blogs/heardinthehall/City-Council-website-hacked.html |
| 11 | May 21 | ? | CareFirst BlueCross BlueShield | CareFirst BlueCross BlueShield announces that data belonging to 1.1 million customers in the Washington D.C. area was stolen in a cyber attack on June 2014. Attackers accessed a database containing names, birth dates, email addresses and subscriber ID numbers. | Targeted Attack | Healthcare | CC | US | http://www.forbes.com/sites/katevinton/2015/05/20/data-belonging-to-1-1-million-carefirst-customers-stolen-in-cyber-attack/ |
| 12 | May 21 | ? | adultfriendfier.com | Personal information relating to almost 4 million users of a worldwide online dating website adultfriendfier.com is leaked on the Dark Web by unknown hackers. Details of users’ sexual preferences, along with email addresses, usernames, dates of birth, postcodes and the unique internet addresses of users’ computers are compromised. | Unknown | Adult Site | CC | US | http://www.theguardian.com/lifeandstyle/2015/may/21/adult-friendfinder-dating-site-hackers-expose-users-millions |
| 13 | May 21 | ? | University of London Computer Centre | The University of London Computer Centre falls victim of a DDoS attack that leaves Moodle, an open-source learning platform, out of action for several hours. | DDoS | Education | CC | UK | http://www.theregister.co.uk/2015/05/22/university_of_london_ddos_attack/ |
| 14 | May 21 | ? | eNom | eNom, a domain registrar, informs its customers to have been hit by a group of attackers, who altered the domain name system (DNS) settings of four domains, redirecting traffic to different web resources than those intended by the owners. | DNS Hijacking | Industry: internet Services | CC | 14 | http://news.softpedia.com/news/Domain-Registrar-eNom-Informs-of-DNS-Hijack-Attack-481867.shtml |
| 14 | May 21 | ? | SafeandVaultStore | SafeandVaultStore, an online vendor of physical safes and vaults, notifies its customers to have been hit by cybercriminals who planted malicious code on its eCommerce website and captured details of orders placed by customers. | Malware | Industry: E-Commerce | CC | US | http://news.softpedia.com/news/Safe-and-Vault-Store-Suffers-Cyber-Security-Breach-482622.shtml |
| 16 | May 22 | ? | Bitfinex | Bitfinex, a Bitcoin wallet, announces to have been hacked, and ask all customers to cease depositing cryptocurrency to old deposits addresses. The impact of the breach is relatively small (0.5%) | Unknown | Bitcoin Exchange | CC | US | https://www.bitfinex.com/pages/announcements/?id=35 |
| 17 | May 22 | ? | Beacon Health System | Beacon Health System notifies an undisclosed number of patients that their personal information may have been compromised by unauthorized individuals who gained access to employee email accounts. | Account Hijacking | Healthcare | CC | US | http://www.scmagazine.com/beacon-health-system-notifies-patients-of-possible-data-compromise/article/416853/ |
| 18 | May 22 | Yemen Cyber Army | Saudi Ministry of Foreign Affairs (services.mofa.gov.sa) | Yemen Cyber Army defaces the Saudi Ministry of Foreign Affairs (services.mofa.gov.sa) and leaks plain-text login credentials of Saudi officials, conversations between embassies along with Embassies VSAT Communications. They also release, few days after, some records of Saudi VISA Database, threatening to release 1M more. | Unknown | Government | H | SA | https://www.hackread.com/saudi-ministry-of-foreign-affairs-hacked/ |
| 19 | May 22 | Moroccan Revolution Team | Westchester Health (westchesterhealth.com) | A group of Pro-ISIS hackers called Moroccan Revolution Team defaces the website of Westchester Health (westchesterhealth.com). | Defacement | Healthcare | H | US | http://pix11.com/2015/05/22/isis-hackers-take-over-local-healthcare-website-company-tries-to-assure-patients-their-info-is-safe/ |
| 20 | May 22 | @TorProdigy | ottawaliving.ca | @TorProdigy hacks ottawaliving.ca and dumps 13,000 usernames and hashed passwords. | SQLi | Online Services | CC | CA | http://pastebin.com/0Tmy0hm1 |
| 21 | May 23 | AnonCoders | Republican Party of Kentucky (rpk.org) | An international group of hackers operating under the name AnonCoders defaces the main website of the Republican Party of Kentucky (rpk.org) to raise awareness that Muslims are not terrorists. | Defacement | Org: Political Party | H | US | http://news.softpedia.com/news/Hacktivists-Deface-Republican-Party-of-Kentucky-s-Website-482491.shtml |
| 22 | May 23 | ? | property.com.na | An anonymous hacker hacks property.com.na and dumps 7,800 usernames and passwords. | SQLi | Online Services | CC | NA | http://siph0n.net/exploits.php?id=3859 |
| 23 | May 24 | ? | Breetec International nv | The metal company Breetec in Belgium suffers a 80,000 EUR worth loss (87,000 USD) after being hit by a malware targeting the Isabel payment system and spread via email. Other two Belgian companies have been allegedly hit by the same malware. | Malware | Industry: Metal | CC | BE | http://cyberwarzone.com/hackers-steal-80000-euro-from-belgium-metal-company/ |
| 24 | May 24 | @rmsg0d | minecraftforum.net | @rmsg0d, a member of TeaMp0isoN, hacks minecraftpeforum.net (a Minecraft Pocket Edition Forum whose domain was recently expired) and dumps the forum’s database containing 16,125 records with, usernames, passwords, and numerous other fields relating to forum participation. | SQLi | Online Forum | CC | US | http://www.databreaches.net/minecraft-pocket-edition-forum-hacked-dumped/ |
| 25 | May 24 | Anonymous | Thailand Senate and Public Health Ministry | The Anonymous breach into the official website of Thailand Senate and Public Health Ministry, and leak login credentials against country’s alleged support for human trafficking. | Unknown | Government | H | TH | https://www.hackread.com/anonymous-breaches-thailand-senate-website/ |
| 26 | May 24 | Moroccan Islamic Union-Mail | Embassy of Nepal in Washington (nepalembassyusa.org) | The official website of embassy of Nepal in Washington (nepalembassyusa.org) is hacked by Moroccan Islamic Union-Mail, a group of Moroccan hackers who leave a message against the American invasion of Iraq and what happened afterwards. | Defacement | Government | H | NP | https://www.hackread.com/nepali-embassy-usa-website-hacked/ |
| 27 | May 24 | Dr.SHA6H | Uzbekistan Embassy in Kuwait (uzbekembassy.gov.kw) | Dr.SHA6H , the anti-Bashar Al Assad hacker from Syria, hacks into the official website of Uzbekistan Embassy in Kuwait (uzbekembassy.gov.kw) and demands governments around the world to bring peace in Syria. | Defacement | Government | H | UZ | https://www.hackread.com/anti-assad-hacker-hacks-uzbek-embassy/ |
| 28 | May 25 | ? | Hex-Rays | Hex-Rays, developers of IDA (Interactive Disassembler) sends an email notification to its customers about a recent attack that may have resulted in the compromise of some license keys along with the web forum and the quotation system. | Unknown | Industry: Software | CC | BE | http://news.softpedia.com/news/Cyber-Attack-on-IDA-Server-Prompts-License-Key-Replacement-482331.shtml |
| 29 | May 25 | Galvanize Mob | Chris Jericho's Twitter account | Chris Jericho's Twitter account is hacked by a group called the Galvanize Mob. The attackers post some offensive messages. | Account Hijacking | Single Individual | CC | US | http://www.wrestlinginc.com/wi/news/2015/0525/595627/chris-jericho-twitter-account-hacked/ |
| 30 | May 26 | ? | Internal Revenue System (irs.gov) | Unknown hackers illegitimately access the Get Transcript service of the IRS (Internal Revenue System) and obtain the information on more than 100,000 US taxpayers from February to mid-May. | Unknown | Government | CC | US | http://bigstory.ap.org/article/34539a748b3745ffb92451472f814ffa/apnewsbreak-irs-says-thieves-stole-tax-info-100000 |
| 31 | May 26 | ? | brief.org.uk | An anonymous hacker hacks brief.org.uk and dumps 7,800 usernames and passwords. | SQLi | Org: Education | CC | UK | http://siph0n.net/exploits.php?id=3863 |
| 32 | May 28 | Mak Man | gaana.com | Gaana, one of the top music streaming sites in India with more than 7.5 million monthly users is hacked by a Pakistani hacker called Mak Man, and its user database is exposed. | SQLi | Musing Streaming | CC | IN | http://thenextweb.com/insider/2015/05/28/indian-music-streaming-service-gaana-hacked-millions-of-users-details-exposed/ |
| 33 | May 28 | ? | Japan’s universal public pension system | The organization that manages Japan’s universal public pension system confirms that approximately 1.25 million personal records are compromised by hackers in a recent targeted attack. | Targeted Attack | Government | CC | JP | http://www.tripwire.com/state-of-security/latest-security-news/hackers-steal-over-a-million-japanese-citizens-personal-data-in-targeted-attack/ |
| 34 | May 28 | ? | copart.com | Copart.com automobile auction website, notifies its users that its computer systems were breached by an unknown attacker, who gained access to sensitive information belonging to its members. | Unknown | Industry: Automotive | CC | US | http://news.softpedia.com/news/Copart-com-Breached-Driver-s-License-Numbers-Exposed-482625.shtml |
| 35 | May 30 | OceanLotus | China's marine agencies, scientific research institutions and shipping companies | A report released by Chinese internet company Qihoo 360's SkyEye Labs accuses a state-sponsored foreign organization named OceanLotus, of stealing government information. According to the report, OceanLotus has launched "elaborately organized" online attacks on China's marine agencies, scientific research institutions and shipping companies since April 2012. | Targeted Attack | >1 | CE | CN | http://www.wantchinatimes.com/news-subclass-cnt.aspx?id=20150530000115&cid=1103&MainCatID=0 |
| 36 | May 30 | ? | Single Individual | Hackers set their sights on a local businessman In Mahwah (NYC) and obtain enough of his personal information to persuade his bank to wire $240,000 overseas. | Social Engineering | Single Individual | CC | US | http://www.databreaches.net/nj-hackers-steal-240k-from-mahwah-businessmans-bank-account/ |
| 37 | May 30 | yPeRtRoN | thaimassagemodel.com | yPeRtRoN hacks an adult web site (thaimassagemodel.com) and dumps 4,614 records with usernames and hashed passwords. | SQLi | Adult Site | CC | TH | http://pastebin.com/25F7c8ir |
CC Cyber Crime
CE Cyber Espionage
CW Cyber War
