Last Updated on January 3, 2016

It’s time to publish the first timeline of November covering the main Cyber Attacks reported in the media, occurred between  1 and 15 November 2015.

Unfortunately this month did not start very well with the hacks against Vbulletin (480,000 victims) and FoxIt, and the trend continued with an unprecedented spree of DDoS attacks against several email providers and other kind of targets, characterized by the request of a ransom (actually one of the targets, Protonmail, decided to pay hoping, uselessly, to stop the attacks. And the list of the victims also include  Comcast (590,000 users potentially compromised).

Hacktivists were equally quite active in the first half of November: Crackas With Attitude, the teen hackers who previously breached CIA director personal email account, claimed to have breached a law enforcement database and the email account of FBI Deputy Director Mark Giuliano, whereas the Anonymous continued their battle against the Ku Klux Klan releasing the identities of 1000 alleged activists online.

Cyber Espionage chronicles report an alleged hack of the email and social media accounts of several Obama administration officials by members of Iran’s Revolutionary Guard.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014 and now 2015 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Access the timeline in Google Sheet format: spreadsheets-32

101/11/2015Coldzer0VbulletinA hacker called Coldzer0 claims to have hacked and to have obtained the details of 479895 users.Unknown 0-dayIndustry: SoftwareCCUS
201/11/2015Coldzer0FoxIt SoftwareColdzer0 also claims to have hacked the FoxIt Forum using the same 0-day.Unknown 0-dayIndustry: SoftwareCCUS
301/11/2015?Salt Lake City School DistrictThe Salt Lake City School District is struck by a DDoS attack that takes down the district's website, phone system and online administrative tools.DDoSEducationCCUS
402/11/2015AnonsecIsrael Missile Defense Association
The Anonsec collective hacks the Israel Missile Defense Association ( and dumps 2161 usernames and hashed passwordsSQLiOrg: MilitaryHIL
503/11/2015Smitt3nz AKA Rubberchromeplay.comSmitt3nz AKA Rubber hacks and dumps the records of 9000 users.SQLiOnline ServicesCCUK
603/11/2015Armada CollectiveProtonmailA collective called Armada Collective takes down Protonmail, a Swiss provider of end-to-end encrypted email. The company pays a ransom of 15 BTC (6000 USD) but is taken down again after paying.DDoSIndustry: Email Service ProviderCCCH
703/11/2015Pro-Palestine ActivistsHa'aretz Twitter AccountPro-Palestine activists Hacked Ha’aretz Newspaper’s Twitter Account and Posted: “Our martyrs’ mothers will drink your soldier’s blood.”Account HijackingNewsHIL
803/11/2015Smitt3nz AKA Rubberhttp://library.killersites.comSmitt3nz AKA Rubber hacks and dumps the records of 1596 users.SQLiOnline ServicesCCUS
904/11/2015Islamic Revolutionary Guards CorpObama Administration OfficialsThe Wall Street Journal reveals that the email and social media accounts of Obama administration officials were recently hacked by members of Iran's Revolutionary Guard.Targeted AttackGovernmentCEUS
1004/11/2015Armada CollectiveVFEmailVFEmail is taken down by a DDoS attack. The attackers demand a ransom of 5 BTC
(1700 USD)
DDoSIndustry: Email Service ProviderCCUS
1104/11/2015?ZohoZoho is subject to a DDoS attack. The attack starts on November the 4th and affects the company for one week.DDoSIndustry: Email Service ProviderCCUS
1204/11/2015?TouchnoteThe U.K.-based app for photo postcard service Touchnote notifies its registered customers that the company has been hacked and some personal information has possibly been compromised.UnknownIndustry: SoftwareCCUK
1304/11/2015?ShowTix4UShowTix4U, a Nevada based online ticket sales service used heavily in Central Wisconsin says it has had a data breach.UnknownOnline ServicesCCUS
1405/11/2015?HushmailHushmail experiences two unscheduled service outages resulting from distributed denial-of-service (DDoS) attacks.DDoSIndustry: Email Service ProviderCCCA
1505/11/2015?RunboxRunbox is subject to Distributed Denial of Service (DDoS) attacks. Even in this case the attackers demand a ransom to stop the waves of attack.DDoSIndustry: Email Service ProviderCCNO
1605/11/2015?Four Winds Casino ResortFour Winds Casino Resort reveals to have discovered a bank-card-stealing malware in its payment systems. Four properties are affected between October 2014 and October 21, 2015. PoS MalwareIndustry: Hotel and ResortCCUS
1705/11/2015Crackas With Attitude
FBI Deputy Director Mark GiulianoThe same teen hackers who infiltrated the email account of CIA Director John Brennan claim to have hacked an email account of FBI Deputy Director Mark Giuliano.Account HijackingSingle IndividualsCCUS
1806/11/2015CocaineSecuritySwedbankSwedbank is taken down by a DDoS attack A hacker called CocaineSecurity claims to have received a ransom.DDoSFinanceCCSE
1906/11/2015Armada CollectiveNeomailboxNeomailbox is taken down by a DDoS attack carried on by the Armada Collective, who also asks for a ransom.DDoSIndustry: Email Service ProviderCCCH
2006/11/2015AnonymousKu Klux Klan
Hacking collective Anonymous has released the identities of 1000 KKK members online.UnknownOrganization: PoliticsHUS
The UK social networking Xat ( is hacked and notifies the users that its database has been acquired by the attackers.Account HijackingSocial NetworkCCUK
2206/11/2015Eggfatherhttp://www.islandermania.comEggfather hacks and dumps 8,525 usernames and hashed passwords.SQLiOnline ForumCCUS
Eggfather hacks and dumps 1,939 usernames and hashed passwords.SQLiOnline ForumCCUS
24Eggfather hacks and dumps 8,525 usernames and hashed passwords.SQLiIndustry: SoftwareCCUS
25Eggfather hacks and dumps 4,520 usernames and hashed passwords.SQLiOnline ForumCCUS
FastMail is hit by a DDoS attack that briefly make some services unavailable. A further attack is executed on Monday, 9 Nov. Both attacks are accompanied by an extortion demand that threaten further attacks if the company does not pay the attacker 20 Bitcoin (approximately US$7500).
DDoSIndustry: Email Service ProviderCCAU
2708/11/2015?Brazilian ArmyThe Brazilian Army's servers are hacked, resulting in personal details (National Insurance Numbers and passwords) of about 7,000 officers getting leaked. The attack appears to have been prompted as retaliation against the supposedly inappropriate conduct of an Army team during a "capture the flag" (CTF) cybersecurity competition at the government's Center for Cyber Defence.UnknownMilitaryCCBR
2808/11/2015Crackas With Attitude
Joint Automated Booking System
Crackas With Attitude (CWA), the hackers who breached CIA director John Brennan's personal email account claims to have gained access to a law enforcement arrest database, known as the Joint Automated Booking System (JABS).
UnknownLaw EnforcementHUS
2908/11/2015KelvinSecTeam hacks the website of the Aviacion Militar Bolivariana ( and dumps 1,997 records.UnknownMilitaryHVE
3009/11/2015?UK Parliament Computer NetworkThe Times reveal that, in May, cybercriminals were able to break into parliament’s computer network, hijacked computers holding sensitive information and presented a ransom demand to Chi Onwurah, MP and shadow digital minister.MalwareGovernmentCCUK
3109/11/2015HRG (His Royal Gingerness)Norwich International Airport
A hacker calling himself HRG (or His Royal Gingerness) hacks the Norwich International Airport's website ( and obtains the details of people registered on the website's media centre.SQLiAirportCCUK
3210/11/2015OrionComcastComcast resets 200k cleartext passwords, after a hacker known as Orion claims to have stolen the database and puts it on sale on the dark web. Nearly 590,000 users could have been compromised.Zimbra 0-dayIndustry: TelcoCCUS
3310/11/2015?SpotifyNewsweek reveals that over one thousand email addresses and passwords from the musing streaming app Spotify were leaked following a hack.UnknownIndustry: MusicCCSE
3410/11/2015TAFE QueenslandTAFE Queensland has experienced a breach that has seen the personal details of thousands of the state's TAFE students exposed.UnknownEducationCCAU
3510/11/2015?http://fantasy.premierleague.comMalwarebytes reveals the details of a malvertising campaign targeting the website of, potentially redirecting the users to a page hosting the Nuclear Exploit Kit.MalvertisingOnline GamingCCUK
3610/11/2015?Korea Advanced Institute of Science Technology
More than a dozen students and faculty at the Korea Advanced Institute of Science Technology (KAIST) have their credit card information stolen by a hacker who attempted to make payments in Japan.UnknownEducationCCKR
3710/11/2015BravewandererBrigham Young University
A hacker called bravewanderer hacks the Brigham Young University ( and dumps 11,894 records.UnknownEducationCCUS
3810/11/2015Eggfatherhttp://engineerboards.comEggfather hacks and dumps 21,304 usernames and hashed passwords.SQLiOnline ForumCCUS
3910/11/2015Eggfatherhttp://www.c4forums.comEggfather hacks and dumps 15,276 usernames and hashed passwords.SQLiOnline ForumCCUS
4010/11/2015Eggfatherhttp://forum.chumpcar.comEggfather hacks and dumps 15,276 usernames and hashed passwords.SQLiOnline ForumCCUS
4110/11/2015Eggfather hacks and dumps 15,276 usernames and hashed passwords.SQLiOnline ForumCCUS
4211/11/2015?Securus TechnologiesAn anonymous hacker leaks a vast collection containing metadata of over 70 million records of phone calls placed by prisoners to at least 37 US states and links to actual recordings for each call. The calls, allegedly leaked from Securus Technologies, span a nearly two-and-a-half year period, beginning in December 2011 and ending in the spring of 2014.UnknownIndustry: TechnologyCCUS
4311/11/2015?AmmyyThe installer of the remote desktop software Ammyy is compromised and distributes the tools used by the Buhtrap gang to spy on and control their victims’ computers.MalwareIndustry: SoftwareCCRU
4411/11/2015Fallaga TeamJewish Free School
The Tunisian Fallaga Team defaces the website of Europe’s largest Jewish school, JFS, posting a message that calls for an end to Islamophobia and aggression against Muslims.DefacementEducationHUK
4511/11/2015Fruityhax hacker called Fruityhax hacks and dumps 1500 usernames and hashed passwords.SQLiIndustry: E-CommerceCCUK
4611/11/2015?The Training Room
An unknown hacker hacks and dumps 1,141 records with usernames and hashed passwords.SQLiEducationCCUS
4712/11/2015AnonymousUnknown IndividualHalifax police forced to re-open investigation in a sexual assault case after Anonymous exposes the identity of the alleged culprit.UnknownSingle IndividualHCA
4813/11/2015?https://grahamcluley.comThe website of the security blogger Graham Cluley ( is taken down by a DDoS attack.DDoSNewsCCUK
4914/11/2015?Tor NetworkReports emerge of possible DDOS attacks being directed at Tor exit nodesDDoSTor NetworkCCN/A
5015/11/2015?Fashion to Figure
Fashion to Figure notifies customers of a breach involving malware inserted on their web host’s serverMalwareIndustry: RetailCCUS
5115/11/2015?Noble House Hotels and ResortsLuxury hotel chain Noble House Hotels and Resorts notifies customers of a breach in six properties they uncovered in the wake of reports by customers of fraudulent charges on payment cards.MalwareIndustry: Hotel and ResortCCUS

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.