Last Updated on January 23, 2016

This first half of July will be long remembered for the Infosec Professionals: undoubtedly the dramatic Hacking Team leak has characterized this fortnight and has written one of the most controversial pages of the Infosec Annals.  Security researchers and activists are still digging into the trove of documents (and 0-days) siphoned from the Italian company, and this story, that is unveiling new details every day, is far from being completed.

This resounding attack has overshadowed any other event throughout this first half of July (with the exception of the final count of the victims of the OPM breach, which has reached a total of 21 million), however the list of the events in this two weeks also includes other remarkable breaches, such as the ones targeting Plex, the Epic Games Forum, Hemmakväll AB, a Swedish video store chain and, last but not least, the Trump Hotel Collection.

Turning the attention to hacktivism, the Anonymous kept on their battle against the Canadian Government over the controversial Anti-Terror C51 bill, whereas their Indian counterpart hacked the Telecom Giant BSNL.

If you also remember the attacks against against Apple, Facebook, Micrsoft and Twitter, occurred two years ago, you won’t be happy to know that the authors are back and got bigger, targeting at least 40 companies in different sectors. They were unmasked by several security vendors in contemporary, and for this reason classified with different names (Butterfly, Morpho, Wild Neutron or Jripbot).

Enjoy the timeline and, as usual, remember to keep the level of attention very high. In the same time if you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014 and now 2015 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

101/07/2015?The Trump Hotel CollectionThe Trump Hotel Collection, a string of luxury hotel properties tied to business magnate Donald Trump, appears to be the latest victim of a credit card breach.PoS MalwareIndustry: HospitalityCCUS
201/07/2015?Vehicle Donation Processing CenterCharitable car donors using the Vehicle Donation Processing Center learn their personal information was hackedUnknownOrg: CharityCCUS
301/07/2015several major worker's compensation insurersConfidential legal filesAn investigation reveals that several major worker's compensation insurers, hacked into thousands of confidential legal files to save money on judgments and settlements.UnknownSingle IndividualsCCUS
402/07/2015savakaPlexA hacker called savaka hacks the Plex server hosting the forums and the blog. The attacker asks for a ransom of 9.5 BTC to avoid the leak of the dataUnknownIndustry: SoftwareCC
502/07/2015Monte Melkonian Cyber ArmySeveral Azerbaijani sitesArmenian hackers from Monte Melkonian Cyber Army hack into the official website of Azerbaijani customs (and other Azerbaijani sites), stealing highly confidential personal information of 5650 Azerbaijani citizens.UnknownGovernmentCWAZ
Canadian Government Sites
In name of #OpBillC51, the Anonymous hacks the Québec Parental Insurance Plan Centre (, The Ministry of Labor, Employment and Social Solidarity ( and The National Review Commission website on employment insurance (
703/07/2015AnonOpsIndiaBharat Sanchar Nigam Limited (BSNL)In name of OpIndia, AnonOpsindia, a group affiliated to the Anonymous collective hacks BSNL and claims to have siphoned the entire database, which has sensitive information of over 30 million users.UnknownIndustry: TelcoH
804/07/2015?New Jersey Online CasinosA hacker shuts down four New Jersey Internet gambling sites and threatens more
cyberattacks over unless a ransom in BTC is paid.
DDoSIndustry: GamblingCCUS
905/07/2015Phineas FisherHacking Team SrLHacking Team, the Italian company behind the infamous surveillance software is hacked. The attacker, allegedly the same author behind the attack to Gamma International (another surveillance software) dumps approximately 400Gb of data.UnknownIndustry: SoftwareH
Primedice, an online gaming/gambling site loses $1 million in bitcoin to an attacker who exploited its random number generation (RNG) system.Random Number Generator VulnerabilityOnline GamblingCCUS
1106/07/2015?https://housing.comThe realty portal is defaced, a week after his CEO is hacked.DefacementOnline Services
1207/07/2015?Edinburgh CIty Council
More than 13,000 email addresses have been stolen from Edinburgh city council's database following a "malicious cyber attack".UnknownGovernmentCCUK
1307/07/2015DangerProPizza Hut Israel
A group of Bangladeshi hackers going with the handle of DangerPro defaces the contact us page of the official website of Pizza Hut Israel ( Restaurant
1407/07/2015Rubber AKA smitt3nz
Rubber AKA smitt3nz hacks three dating sites and dumps a total of nearly 100,000 plaintext users and passwords.SQLiDatingCC>1
1507/07/2015PH1K3 and z0xHemmakväll AB
A couple of hackers dubbed PH1K3 and z0x hack Hemmakvä (a Swedish video store chain) and dump the details of approximately 47,000 users.UnknownIndustry: Retail
1608/07/2015Butterfly, Morpho, Wild Neutron, Jripbot>1Several security companies report that the attackers that targeted Apple, Facebook, Microsoft, and Twitter two years ago in a series of high-profile hacks are back and got bigger. Targets include at least 40 companies in different sectors. The group is known as Butterfly, Morpho, Wild Neutron or Jripbot.>1>1CC>1
1708/07/2015?Evans Hotels
California-based Evans Hotels announces that malware was installed on computers at the front desks of its properties that could have compromised payment card data.PoS MalwareIndustry: HospitalityCCUS
1808/07/2015The Cyber Army of the KhilafahSyrian Observatory for Human Rights
Purported supporters of the hardline Islamic State group deface the website of the Syrian Observatory for Human Rights.DefacementOrg: Human Rights
1908/07/2015Cyber Islamic StateState Ministry for Euro-Atlantic Integration of Georgia
The Cyber Islamic State hackers deface the official website of “The State Ministry for Euro-Atlantic Integration of Georgia” (
2008/07/2015?Evans Hotels
Evans Hotels, which owns and operates the Bahia Resort, Catamaran Resort and The Lodge at Torrey Pines announces that a security breach led to unauthorized charges on guests’ payments cards.PoS MalwareIndustry: HospitalityCCUS
2109/07/2015?German MissilesGerman-owned Patriot missiles stationed in Turkey are briefly taken over by hackers.UnknownMilitaryCCDE
2209/07/2015Cyber Islamic StateArgonne National Laboratory
The Cyber Islamic State hackers deface a subdomain of Illinois-based Argonne National Laboratory owned and funded by the U.S. Department of Energy Office of Science.DefacementGovernmentH
2309/07/2015?Service Systems AssociatesService Systems Associates, a company that serves gift shops and eateries at zoos and cultural centers across the United States, acknowledges a breach of its credit and debit card processing systems.PoS MalwareIndustry: Retail
2409/07/2015?Charlotte MckinneyUnknown hackers hack the Charlotte Mckinney Instagram account and use it to post nude photos of the model.Account HijackingSingle IndividualCCUS
2510/07/2015?Telegram (Messaging Platform)
Popular messaging platform Telegram is hit with a 200Gbps distributed denial of service (DDoS) attack. Users in Asia, Australia, and Oceania are prevented from using the service.DDoSOrganization: Software
2610/07/2015Lizard Squad
Daybreak Game Company LLCDaybreak Game Company is hit with a DDoS after its CEO threatens convicted Lizard Squad hacker Julius KivimakiDDoSIndustry: Video GamesCCUS
2710/07/2015?Walmart Canada (via PNI Digital Media)Walmart Canada investigates a potential breach of customer credit card data after one of its websites operated by a third party ( was compromised. 60,000 customers could be affected.UnknownIndustry: Retail
2810/07/2015AlfabetoVirtual Pro-Palestinian hacker going with the handle of AlfabetoVirtual defaces the official website of New York City’s Comptroller Mr. Scott M. Stringer (
2911/07/2015Lov3rDnshttp://my.barackobama.comA Yemeni hacker going with the handle of “Lov3rDns” defaces the official social network domain of U.S president Barack Obama, used during his election campaign ( Politics
3011/07/2015Teap0thttp://gooffcampus.comA hacker dubbed Teap0t hacks and dumps 8,623 usernames and clear text passwords.SQLiOnline Services
3112/07/2015Unknown Syrian Hackers
IsraelComputer hackers likely working for the Syrian regime and Hezbollah have managed to penetrate the computers of Israeli and American activists working with the Syrian opposition, exposing sensitive contacts between the sides.Targeted AttackGovernmentCEIL
Vancouver IslandUnknown hackers affiliated with the collective Anonymous release a string of emails that appear to show a conservation officer defending his decision to refuse to kill two black bear cubs on Vancouver Island.UnknownGovernmentH
3312/07/2015cybervor aka @cyberv0rMiami Universitycybervor aka @cyberv0r claims to have hacked the Miami University and dumps >200 usernames and hashed passwords.SQLiEducationCCUS
3412/07/2015?Antrix CorporationIndian space agency ISRO’s commercial arm Antrix’s website is defaced. Suspects are directed to Chinese hackers.DefacementIndustry: AerospaceH
WXXR 97.3An Indiana radio station, WXXR 97.3, is apparently hacked, broadcasting a message from the Anonymous collective.UnknownBroadcast
3613/07/2015?http://CareerBuilder.comProofpoint threat researchers detect a clever email-based attack that combines phishing and social engineering techniques in order to trick users into opening a malicious document. In this attack, the actor browses open positions listed on CareerBuilder.comTargeted Attack>1CC>1
3713/07/2015?Chris FoomeTeam Sky are consulting their lawyers following what they believe to be the potential hacking of Chris Froome's training data files in order to suggest he may be using performance enhancing drugs during Tour De France.UnknownSingle IndividualCCUK
3813/07/2015AnonGhostMalaysian Police Facebook and Twitter PagesThe AnonGhost collective takes over the Facebook and Twitter Accounts of the Malaysian Police and floods the feed with pro-ISIS messages.Account HijackingLaw EnforcementH
3913/07/2015austinsimon864http://cloudminr.ioCloud mininig service is hacked. The attacker offers to sell the entire database (about 80,000 users) for 1 BTC (approx. 276 USD)Unknown
Bitcoin MiningCCNO
4013/07/2015Teap0thttp://ateworld.comA hacker dubbed Teap0t hacks and dumps 8,623 usernames and clear text passwords.SQLiNewsCCUS
Envato, the network of marketplaces is under a two week lasting DDoS attack.DDoSIndustry: InternetCCAU
4213/07/2015?VoatVoat, the news aggregator, is taken down by a DDoS attack.DDoSSocial Network
4313/07/2015?Insurance Services OfficeNew Jersey-based Insurance Services Office (ISO) notifies an undisclosed number of consumers of an unauthorized access to the database.UnknownIndustry: Health InsuranceCCUS
4414/07/2015?https://forum.epicgames.comEpic, the well known developer of videogames, notifies the users of its forum ( of an authorized access to their personal data (username, password, email and date of birth)Unknown
Industry: Video GamesCCUS


This Post Has 2 Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.