Last Updated on March 21, 2016

I know I was quite late with the timelines in the last period: I am trying to catch up as quickly as I can, and now it’s time to publish the second Cyber Attacks Timeline of February (first part here).

So it turned out that not even the Linux Distributions are immune from hackers: Linux Mint, the most popular flavor of the Open Source OS was the most important target of this fortnight: not only the forum has been hacked (and the details of 70,000 users leaked), but also the website was compromised to redirect the users to download a modified ISO with an embedded backdoor.

Another particularly devastating event (which curiously did not find too mach space in the media) hit, a dating site, whose 27 million accounts were allegedly stolen and sold.

The Hacktivists were also quite active, especially in Italy where the Anonymous released 120,000 records from a local provider. Moreover this month has seen the comeback of the infamous collective TeaMp0isoN (or at least someone else using that name as at least two members have been possibly arrested).

Last but not least, a complex long-lasting cyber espionage operation against Japan has been revealed (Operation Dust Storm), and the US Secretary of Defense has admitted once and for all, that a cyber-offensive is currently ongoing to “interrupt [and] disrupt ISIL’s command and control”.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014, 2015 and, in a bit, 2016 (regularly updated). You may also want to have a look at the Cyber Attack Statistics that are regularly published, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Additionally, if you want, you can access the timeline in Google Sheet format: spreadsheets-32

IDDateAuthorTargetDescriptionAttackTarget ClassAttack ClassCountry
116/02/2016?SpotifyHundreds of Spotify Premium account details are compromised and leaked online by an unknown hacker. A number of separate data dumps containing email addresses, passwords, account types and renewal dates appear online. Brute Force?Industry: Music StreamingCCRU
216/02/2016?Kankakee Valley REMCKankakee Valley REMC falls victim to a possible breach, due to the access of a storage device on the cooperative’s network from a foreign IP.` UnknownIndustry: UtilityCCUS
316/02/2016?4,000 confidential records of police officers, lawyers and judgesAbout 4,000 confidential records, the purported home addresses of police officers, lawyers, and judges, are published on the website EnforcementCCUS
416/02/2016Team Fursecdifferencegames.comTeam Fursec hack and dump 16,589 usernames and hashed passwords.UnknownOnline GamesCCUS
517/02/2016Bravewanderertechfactory.netBravewanderer hacks and dumps 15,601 usernames and clear text passwords.UnknownIndustry: E-CommerceCCUS
617/02/2016Bravewandererbfsihiring.comBravewanderer hacks and dumps 24,317 usernames and clear text passwords.UnknownIndustry: RecruitingCCIN
718/02/2016PeaceLinux Mint ForumA hacker called Peace claims to have stolen the entire database of the Linux Mint Forum (70,000 users).UnknownOrg: SoftwareCCN/A
819/02/2016Qadmon (or Kadimon)Israel’s CCTV SystemsQadmon (or Kadimon), one of Hezbollah’s hacking units reveals it managed to breach many of Israel’s CCTV systems, having had access to camera feeds from various government buildings.Targeted AttackGovernmentCEIL
919/02/2016?Bohemia InteractiveBohemia Interactive announces a potential security breach of the Mantis Feedback Tracker systems, used to collect feedback and bug reports for the games Arma 3 and DayZ.UnknownIndustry: Video GamesCCCZ
1020/02/2016PeaceLinux Mint DistributionClem Lefebvre, the creator of the Linux Mint Distribution reveals that an intrusion on the distribution’s web site took place, in which hackers made a modified Linux Mint ISO, with a backdoor in it, and managed to hack the website to point to it. THe attackers are also able to breach the forum database.Malicious PHP ScriptOrg: SoftwareCCN/A
1122/02/2016?York HospitalYork Hospital reports a breach of 1,483 employees’ identifying information. UnknownHealthcareCCUS
1222/02/2016AnonymousWebsites of Italian Regions Apulia and BasilicataIn name of #OpGreenRights, the Italian branch of the Anonymous collective takes down the websites on local authorities of Apulia and Basilicata for participating in the Trans Adriatic Pipeline (TAP) project.DDoSGovernmentHIT
1322/02/2016AnonymousCentre d’Identification des Materiels de la DefenseAs a form of protest against French Arms Trade the Anonymous hack into one of the Web portals managed by France’s Ministry of Defense (
1422/02/2016AnonymousCincinnati Police DepartmentMembers of Anon Verdict, a sub-division of the Anonymous hacker collective, leak the details for 52 officers and employees of the Cincinnati Police Department. The Police Department questions the validity of the hack.UnknownLaw EnforcementHUS
1524/02/2016?Japanese companies in electric utilities, oil and gas, finance, transportation and construction.Cylance reveals the details of Operation Dust Storm, a multi-year, multi-attack campaign against the Japanese critical infrastructure, carried on by a well-funded threat group, likely associated with a nation/state, targeting Japanese companies in electric utilities, oil and gas, finance, transportation and construction.Targeted Attack>1CEJP
1624/02/2016?Steven PetrowSteven Petrow, a USA Today journalist, reveals to have been hacked during a flight.Account HijackingSingle IndividualCCUS
1724/02/2016TeaMp0isoN AKA United Nations World Tourism OrganizationMembers of the TeaMp0isoN hacking crew hack into the United Nations World Tourism Organization and dump 1524 records with forum member usernames, email addresses, and MD5-hashed passwords.SQLiOrg: United NationsHN/A
1825/02/2016?Coast Central Credit UnionThe website of Coast Central Credit Union, a financial institution that serves more than 60,000 customers, is hacked, allowing attackers to implant a backdoor.Backdoor via Joomla plugin vulnerabilityFinanceCCUS
1925/02/2016? notifies about 7,000 customers that its web site was compromised UnknownIndustry: StampsCCUS
2025/02/2016?incipio.comIncipio, LLC notifies an unspecified number of customers that malware compromised orders placed online. MalwareIndustry: E-CommerceCCUS
2126/02/2016?University of California BerkeleyThe University of California, Berkeley, admits to have been hit by a second data breach which may have exposed the data of 80,000 people to misuse. UnknownEducationCCUS
2226/02/2016?Pickens County School DistrictThe Pickens County School District is flooded by a DDoS attackDDoSEducationCCUS
2326/02/2016TheFamilyduelyst.comTheFamily hacks and dumps 13,732 usernames and hashed passwords.UnknownOnline GamesCCUS
2427/02/2016TruthsecMiami Police OfficerTruthSec, one of the smaller hacking crews that claim to be part of Anonymous, responds to a Miami police officer who doxed an innocent woman, by releasing his private information. UnknownLaw EnforcementHUS
2527/02/2016ChinaNorwayGeneral Lt. Morten Haga Lunde, head of the Norwegian Intelligence Service E-tjenesten (Etterretningstjenesten) makes official statements accusing the Chinese government of launching cyber-attacks against his country.Targeted AttackGovernmentCENO
2627/02/2016LulzSec Italiaprimodominio.itLulzSec Italia hacks and dumps 126,422 usernames and passwords.UnknownIndustry: Web HostingHIT
2728/02/2016?SnapchatSnapchat executives reveal in a blog post that the payroll data of some current and former employees was exposed as the result of a scam e-mail (allegedly sent by the company CEO Evan Spiegel) received by a human resources employee.Account HijackingIndustry: SoftwareCCUS
2828/02/2016TeaMp0isoN AKA Time Warner Cable Business Class Managed Security Solutions portalMembers of the TeaMp0isoN hacking crew hack into the Time Warner Cable (TWC) Business Class website, steal its database and dump online 4,191 records containing IDs, usernames, email addresses, and encrypted passwords.SQLiIndustry: TelcoCCUS
2928/02/2016Cyber CaliphateSolar UK LtdHackers from Cyber Caliphate supporting the Islamic State group deface Solar UK Ltd. a small solar energy company, in revenge for a drone strike which killed Junaid Hussain.DefacementIndustry: Solar PanelHUK
3029/02/2016US MilitaryISILTHe US Secretary of Defense Ash Carter reveals that the US military is currently waging a cyber-offensive to “interrupt [and] disrupt ISIL’s command and control, to cause them to lose confidence in their networks, to overload their network so that they can’t function…”UnknownOrg: TerrorismCWN/A
3129/02/2016?Israeli Banks’ CustomersKaspersky Lab reveal the details of ATMZombie, a sophisticated trojan targeting Israeli customers, characterized by the ability to exploit a loophole in one of the bank’s online features; and later by physically withdrawing money from the ATM,MalwareFinanceCCIL
3229/02/2016?Mate1.comA hacker on the dark web forum Hell claims to have sold the email addresses and plaintext passwords of over 27 million users of dating site

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.