Last Updated on January 23, 2016

October is proving to be very complicated from an Infosec perspective, so I am publishing this timeline in the middle of the turmoil in the wake of the  breach that has affected TalkTalk.

Unfortunately this month has started in the worst possible way with the massive breaches targeting T-Mobile US (result of a cyber attack to Experian affecting potentially 15 million US users) and Scottrade (affecting 4.6 million users). In particular the attack to Scottrade has not been isolated, delineating a possible trend: other two companies operating in the same space, FXCM and E-Trade, have revealed to have suffered similar attacks. But the bad news does not end here, and the case of Dow Jones & Co. is paradoxical: the company has disclosed the details of two breaches in the space of a single week.

Moving to Cyber Espionage, this fortnight reports the discovery of an APT using fake profiles on Linkedin (Threat Group 2889) and the revelations of a 2014 cyber attack against the South Korea subway system, purportedly orchestrated by North Korea.

Other remarkable events include the DDoS attacks against two major Japanese airports (Narita and Chubu) executed by the Anonymous Collective in name of #OpKilling Bay (the campaign against the dolphin slaughter) and against several Belgian Government websites executed by the local branch of the same collective.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014 and now 2015 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Access the timeline in Google Sheet format: spreadsheets-32

101/10/2015?T-Mobile US
(via Experian)
Hackers break into a server and make off with names, driver license numbers, and other personal information belonging to more than 15 million US consumers who applied for cellular service from T-Mobile. The breach is the result of an attack on a database maintained by credit-reporting service Experian, which was contracted to process credit applications for T-Mobile customers and affects people who applied for T-Mobile service from September 1, 2013 through September 16 of this year.SQLi?Industry: Mobile TelcoCCUS
201/10/2015?American Bankers
The American Bankers Association (ABA), based in Washington, D.C., notifies more than 6,000 ABA shopping cart users of a breach that exposed their personal information.UnknownOrganization: Professional AssociationCCUS
301/10/2015?FXCMForeign-exchange broker FXCM privately informs clients to have suffered a data breach and that the attackers have been able to stole funds from some accounts.UnknownIndustry: Financial ServicesCCUS
401/10/2015?Multiple Sclerosis
Multiple Sclerosis Society warns website users their personal details might have been compromised via a malicious software discovered on its systems.MalwareOrg: CharityCCUK
502/10/2015?ScottradeOnline stock brokerage Scottrade has suffered a breach that exposed the personal information of 4.6 million customers. Scottrade officials said in an online advisory that the breach happened in late 2013 or early 2014 and exposed social security numbers, e-mail addresses and "other sensitive information".UnknownIndustry: Financial ServicesCCUS
602/10/2015?David Jones
Premium retailer David Jones says its website has been hacked and private customer data stolen.
UnknownIndustry: RetailCCAU
703/10/2015Hell Shield Hackers group of Indian hackers calling themselves Hell Shield Hackers defaces a Pakistani government website called Municipal Services Program Khyber Pakhtunkhwa (Khyber Paktunkhwa is a province in Pakistan) ( apparently in retaliation against Pakistani hackers.DefacementGovernmentCWPK
804/10/2015?Kennebec County
Phone System
The Kennebec County phone system is hacked topping 2,100 calls in a weekend.UnknownGovernmentCCUS
904/10/2015sup3rm4n, j0shua3w,
Two Brazilian hackers deface two government-owned domains. The target is the Brazilian Institute of research and development in Astronomy, Geophysics and Meterology of Time and Frequency, which has two of its domains defaced ( and
1005/10/2015North KoreaSouth KoreaHa Tae-Kyung, a Seoul lawmaker, cites intelligence reports stating that North Korea is suspected of having launched a cyber attack last year on the South Korean capital's subway system that carries millions of commuters every day.Targeted AttackGovernmentCWKR
1105/10/2015?Peppermill Resort Spa CasinoAn undisclosed number of individuals are being notified that an attack may have compromised credit and debit cards used between October 2014 and February 2015 at the front desk of the Reno, Nev.-based Peppermill Resort Spa Casino.
UnknownIndustry: HospitalityCCUS
1205/10/2015AnoncodersRadio Tel Aviv
Palestinian hackers identifying themselves as "Anoncoders," deface Radio Tel Aviv's website (, uploading a message that states: "We are always here to punish you." DefacementRadio BroadcastingHIL,7340,L-4707155,00.html
Malwarebytes detects a new malvertising campaign on six of Spain's biggest torrent sites, exposing around 84.2 million users to the CryptoWall ransomware.MalvertisingTorrentCCES
1405/10/2015NetPirates AKA @TheNetShip hack and dump >10,000 usernames and clear text passwords.SQLiIndustry: E-CommerceCCIN
1506/10/2015?Unnamed OrganizationResearchers from Cybereason discover a novel technique used to gain persistence in an (unnamed) organization's environment to harvest employees' authentication credentials. The attack involves a malicious module loaded onto Microsoft Outlook Web Application (OWA).Targeted AttackN/ACEN/A
1606/10/2015Th3 Ap3xWindsor University School of Medicine
Th3 Ap3x from Anonsec hacks and dumps >6000 records with student infoSQLiEducationCCUK
1707/10/2015Threat Group 2889>1Researchers at Dell's SecureWorks release an analysis of a hacking crew dubbed Threat Group 2889, which is using at least 25 bogus but thoroughly developed LinkedIn profiles to draw in potential targets in telecoms, government agencies, and defence contractors.Targeted Attack>1CE>1
1807/10/2015?LoopPayThe New York Times reveals that months before its technology became the centerpiece of Samsung’s new mobile payment system, LoopPay, a small Massachusetts subsidiary of the South Korean electronics giant, was the target of a sophisticated attack by a group of government-affiliated Chinese hackers.Targeted AttackIndustry: Mobile PaymentCEUS
1907/10/2015Alister MaclinBitcoinA Russian man that calls himself "Alister Maclin" has been disrupting the Bitcoin network for over a week, creating duplicate transactions, and annoying users.Bitcoin Malleability AttackBitcoin ExchangeCCN/A
2008/10/2015?Six of the most successful Fifa video gamers:
AnesonGib, W2S, Nepenthez, Nick28T, Bateson87, matthdgamer
Six of the most successful Fifa video gamers to feature on YouTube are targeted by cyber-thieves, who are able to steal millions of Fifa coins, the in-game currency, and deleted valuable players. The attackers are thought to have convinced manufacturer EA Sports to transfer their victims' Origin accounts to email addresses they controlled.
Account HijackingSingle IndividualsCCUK
2109/10/2015?Dow Jones & Co.Dow Jones & Co. reveals that hackers had gained unauthorized entry to its systems, accessing contact information for current and former subscribers in order to send fraudulent solicitations. The data breach potentially accessed payment card information for fewer than 3,500 individuals.UnknownIndustry: News And PublishingCCUS
2209/10/2015?E-TradeE-Trade notifies about 31,000 customers this week that some of their personal information may have been accessed during a cyberattack in late 2013.Targeted AttackIndustry: Financial ServicesCCUS
2309/10/2015Sally-Anne Jones
(Umm Hussain Britaniya)
Army Sgt. Dillard Johnson
Navy SEAL Rob O’Neill
Sally-Anne Jones, a well known ISIS supporter, through her Twitter account Umm Hussain Britaniya, leaks the addresses of Army Sgt. Dillard Johnson, and Navy SEAL Rob O’Neill, urging lone-wolf terrorists in the U.S. to take them down.UnknownSingle IndividualsHUS
2409/10/2015?Israeli Public SectorResearchers from Check Point disclose the details of a campaign targeting the Israeli public sector, using the MWI (Microsoft Word Intruder) exploit kit to deliver a modified version of the Zeus malware.Targeted AttackGovernmentCEIL
2509/10/2015Comcastkidshttp://shopatsullivan.comA crew of hackers called Comcastkids hacks and dumps more than 10,000 accounts.SQLiIndustry: E-CommerceCCUS
2610/10/2015AnonymousNarita International Airport

Chubu Centrair International Airport
In name of #OpKillingBay the online protest against the dolphin slaughter, the Anonymous take down the two main Japanese Airports: Narita International Airport ( and Chubu Centrair International Airport (
2711/10/2015Anonymous BelgiumFederal Public Services Home Affairs

Official website of Belgian Prime Minister Charles Michel

Brussels parliament
The Belgian branch of the Anonymous collective takes down the official websites of Belgian Prime Minister Charles Michel, the Brussels parliament and the website of Federal Public Services Home Affairs.
2812/10/2015?America’s Thrift StoresAnother charity store hacked: America’s Thrift Stores, an organization that operates donations-based thrift stores throughout the southeast United States, says to have been the victim of a malware-driven security breach that targeted software used by a third-party service provider.MalwareIndustry: Charity ShopCCUS
2913/10/2015?Daily MailMalwarebytes discloses in a blog post that the "sophisticated" attack, previously documented as targeting eBay and Yahoo, has now turned its attention to the Daily Mail, a popular UK-based news publication which accounts for millions of monthly visitors.
3013/10/2015Kuroi SHUniformed Services University
A hacker going with the online handle of Kuroi SH defaces several domains of the United States based Uniformed Services University and leaks 2014 login credentials online.
3114/10/2015Fin5Unnamed CasinoAccording to two FireEye researchers, an un-named Casino has lost 150,000 credit cards after being raided by the Fin5 hacking group.Targeted AttackIndustry: HospitalityCCN/A
3214/10/2015@An0nBlank AKA HTGz Terminal
Royal Institution of Chartered Surveyors
@An0nBlank AKA HTGz Terminal hacks (Royal Institution of Chartered Surveyors) and dumps 3,410 records.SQLiOrg: Professional BodyCCUK
3315/10/2015?Electronic ArtsAccount details of some 600 Electronic Arts (EA) customers are apparently leaked on Pastebin. The company has yet to confirm that the leak is genuine, but they are "taking steps to secure any account that has an EA or Origin user ID that matches the usernames on this list".UnknownIndustry: Video GamesCCUS
3415/10/2015Abdellah ElmaghribiAdult Magazine
An Islamist hacker called Abdellah Elmaghribi defaces Adult Magazine, an online blog about graduate students having sex.DefacementAdult SiteHUS
3515/10/2015Implosion hacker dubbed Implosion hacks the Rutgers University Pharmaceutical Industry Program and dumps 1057 usernames and hashed passwords.SQLiEducationCCUS
3616/10/2015?Dow Jones & Co.A new breach targeting Dow Jones & Co. Bloomberg reveals that a group of Russian hackers infiltrated the servers and stole information to trade on before it became public. The probe began at least a year ago.UnknownIndustry: News And PublishingCCUS

This Post Has 3 Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.