| ID |
Date |
Author |
Target |
Description |
Attack |
Target Class |
Attack Class |
Country |
| 1 |
01/03/2016 |
? |
Seagate |
Seagate is the last victim of a payroll phish. A Seagate employee sends the data to an outside e-mail address after receiving an e-mail purportedly from Seagate’s CEO Stephen Luczo requesting 2015 W-2 data for current and former Seagate employees. |
Account Hijacking |
Industry: Computer Storage |
CC |
US |
| 2 |
01/03/2016 |
? |
Maritime Trade Information Sharing Centre, Gulf of Guinea (MTISC-GoG), |
BIMCO [Baltic and International Maritime Council] and The Standard Club issue a warning regarding an alleged security breach in the Maritime Trade Information Sharing Centre, Gulf of Guinea (MTISC-GoG), potentially resulting in the release of ships’ data to pirates. MTISC-GoG denies the claims. |
Unknown |
Org: Anti-Piracy Maritime Security |
CC |
GU |
| 3 |
01/03/2016 |
@TheFamilyMethod |
Bank of North Dakota |
Members of the @TheFamilyMethod claim to have hacked the Bank of North Dakota and dump the records of 124 transactions. |
SQLi |
Finance |
CC |
US |
| 4 |
01/03/2016 |
@0x1Taylor |
sktorrent.eu |
@0x1Taylor hacks sktorrent.eu and dumps more than 117,000 usernames and passwords. |
SQLi |
Torrent Tracker |
CC |
SK |
| 5 |
01/03/2016 |
? |
Pharm-Olam International |
Pharm-Olam International starts notifying employees of a security incident that compromised their names, Social Security and income information |
Account Hijacking |
Industry: Legal Services |
CC |
US |
| 6 |
01/03/2016 |
RyanDa1338 |
plastic4you.ru |
RyanDa1338 hacks plastic4you.ru and dumps 26,396 usernames and passwords. |
Unknown |
Industry: Plastic Surgery |
CC |
RU |
| 7 |
01/03/2016 |
DarkHotel |
Several Executives |
Chinese Company ThreatBook reveals a new spree in the infamous DarkHotel Campaign dubbed Operation 8651. |
Targeted Attack |
>1 |
CE |
>1 |
| 8 |
02/03/2016 |
? |
Central Concrete Supply |
Central Concrete Supply notifies its employers of a security incident that might have been exposed their personal information. |
Account Hijacking |
Industry: Concrete |
CC |
US |
| 9 |
02/03/2016 |
? |
cplusplustutor.com |
An unknown hacker hacks cplusplustutor.com and dumps 5,596 usernames and hashed passwords. |
Unknown |
Online Services |
CC |
US |
| 10 |
03/03/2016 |
? |
Unnamed Global Shipping Company |
An incident detailed in the recently released Verizon Data Breach Digest report, unveiled this week at the RSA security conference reveals that a global shipping company has been the victim of high-seas piracy aided by a network intrusion. The shipping company experienced a series of hit-and-run attacks by pirates who, instead of seeking a ransom for the crew and cargo, went after specific shipping containers and made off with high-value cargo. |
Unknown |
Industry: Shipping |
CC |
N/A |
| 11 |
03/03/2016 |
? |
Cox Communications |
Cox Communications investigates a possible data breach after alleged names, email addresses, phone numbers, and other information relating to some 40,000 employees is currently advertised on The Real Deal Market, a marketplace specialising in stolen data and computer exploits. |
Unknown |
Industry: Telco |
CC |
US |
| 12 |
04/03/2016 |
? |
Moneytree |
Moneytree is the latest company to alert current and former employees that their tax data, including Social Security numbers, salary and address information, was accidentally handed over directly to scam artists. |
Account Hijacking |
Industry: Financial Services |
CC |
US |
| 13 |
04/03/2016 |
? |
Mansueto Ventures |
Another victim of a payroll phish: unknown criminals obtain the IDs of 90 percent of the employees of Mansueto Ventures and use the data to file the fraudulent tax returns. |
Account Hijacking |
Industry: Publishing |
CC |
US |
| 14 |
04/03/2016 |
? |
GCI |
GCI notifies more than 2,500 employees that their W-2 forms were stolen in an apparent phishing scam in February. |
Account Hijacking |
Industry: Telco |
CC |
US |
| 15 |
04/03/2016 |
? |
Rosen Hotels & Resorts |
US chain Rosen Hotels & Resorts is the latest to confirm a malware-based breach of its payment processing systems. The breach covered an extended period between September 2, 2014 to February 18, 2016 |
POS Malware |
Industry: Hotel and Hospitality |
CC |
US |
| 16 |
04/03/2016 |
Cyber Anakin |
Several websites including km.ru and nival.com |
Cyber Anakin, a teenage hacker angry about the downing of the Malaysia Airlines Flight MH17, claims to have breached several random Russian websites and spilling the private information on 1.5 million of Russian internet users. |
Unknown |
>1 |
H |
RU |
| 17 |
05/03/2016 |
Anonymous |
Donald Trump’s voicemail |
Donald Trump’s voicemail is allegedly hacked by members of Anonymous. The messages are published on Gawker. |
Account Hijacking |
Single Individual |
H |
US |
| 18 |
05/03/2016 |
Caliphate Cyber Army |
55 New Jersey police officers |
Hackers from the Caliphate Cyber Army release the information of 55 New jersey Police Officers, including home addresses, phone numbers and working locations. |
Unknown |
Law Enforcement |
CW |
US |
| 19 |
05/03/2016 |
Hackers affiliated to ISIS |
Unnamed South Korean news-clipping firm |
South Korean officials launch an investigation into whether an Islamic State militant group hacked a South Korean news-clipping firm’s computer network. Data on 20 South Koreans was reportedly acquired in the attack |
Unknown |
Industry: News |
CW |
KR |
| 20 |
07/03/2016 |
Pawn Storm |
Several Government Offices in Turkey |
A new report from Trend Micro reveals that the Russian Group behind the Operation Pawn Storm is targeting several offices in Turkey |
Targeted Attack |
Government |
CE |
TR |
| 21 |
07/03/2016 |
Operation Transparent Tribe |
Indian Officials Worldwide |
Researchers from ProofPoint reveal the details of Operation Transparent Tribe, a campaign against Indian Officials worldwide. |
Targeted Attack |
Government |
CE |
IN |
| 22 |
07/03/2016 |
? |
Ezaki Glico Co. |
Ezaki Glico Co. reveals that personal data on users of its online shopping site may have been compromised following unauthorized accesses. Up to 83,194 records of personal data may have been stolen, including 43,744 that contained credit card information, according to the firm. |
Unknown |
Industry: Food manufacturing |
CC |
JP |
| 23 |
08/03/2016 |
North Korea |
South Korea |
The South Korean National Intelligence Service (NIS) claims that North Korea hacked the smartphones of senior South Korean government officials and stole call history, texts, and even voice calls. South Korean officials’ smartphones were attacked between the end of February and early March using texts to plant malicious codes. |
Malware |
Government |
CE |
KR |
| 24 |
08/03/2016 |
China or Russia? |
Finland Foreign Ministry |
Finland foreign minister Erkki Tuomioja reveals to the media that foreign ministry computer network has been infiltrated by spies. The breach has apparently been going on for four years. Suspects are directed to Russia or China. |
Targeted Attack |
Government |
CE |
FI |
| 25 |
08/03/2016 |
? |
1-800 Flowers |
1-800 Flowers sends out data breach letters notifying customers that a hacker might have stolen their personal information. |
Unknown |
Industry: Retail |
CC |
US |
| 26 |
08/03/2016 |
? |
hawkingtech.com |
An unknown hacker hacks hawkingtech.com and dumps 12,548 records with usernamens and hashed passwords. |
Unknown |
Industry: Home routers |
CC |
US |
| 27 |
09/03/2016 |
OnionDog |
Companies and government agencies of Korean-speaking countries |
Chinese security researchers from cyber-security vendor Qihoo 360 reveals the details of a malicious actor named OnionDog that’s been targeting Korean-speaking countries since October 2013. |
Targeted Attack |
Government |
CE |
KR |
| 28 |
09/03/2016 |
? |
Greenshades |
A breach in the website of Greenshades causes a spike of tax refund frauds. |
Account Hijacking |
Industry: Payroll Services |
CC |
US |
| 29 |
10/03/2016 |
? |
Bangladesh Central Bank |
Reuters reports that unknown hackers were able to breach the Bangladesh Bank’s systems and steal its credentials for payment transfers, using them to transfer money to entities in the Philippines and Sri Lanka. The hackers were able to get away with a bounty of about $80 million, but a spelling mistake helped prevent a further nearly $1 billion theft. |
Account Hijacking |
Finance |
CC |
BD |
| 30 |
10/03/2016 |
? |
21st Century Oncology |
US cancer clinic 21st Century Oncology admits that a breach on its systems may have exposed private information on 2.2 million patients and employees. The breach happened in November 2015 but the FBI asked 21st Century to hold off from disclosing the incident until a thorough investigation had been completed. |
Unknown |
Healthcare |
CC |
US |
| 31 |
10/03/2016 |
? |
Unnamed American Express third-party card processor |
American Express warns some customers that their personal details may have been exposed due to a data breach of a third-party service provider. |
Unknown |
Industry: Financial Services |
CC |
US |
| 32 |
10/03/2016 |
? |
Litecointalk Forum |
The Litecointalk forum is hacked, and all users are forced to reset their passwords. |
Unknown |
Forum |
CC |
US |
| 33 |
10/03/2016 |
SonnySpooks |
buzzmachines.com |
SonnySpooks hacks buzzmachines.com and dumps nearly 37.000 usernames and passwords. |
SQLi |
Online Services |
CC |
US |
| 34 |
10/03/2016 |
? |
virtualworldlets.net |
An unknown hacker hacks virtualworldlets.net and dumps 13,421 usernames and clear text passwords. |
SQLi |
Online Services |
CC |
UK |
| 35 |
11/03/2016 |
? |
Staminus |
Staminus, a security company specialized in hosting and DDoS protection, is the victim of unknown hackers who breach their network, reset the routers to factory settings and dump customer data. |
Unknown |
Industry: DDoS protection |
CC |
US |
| 36 |
11/03/2016 |
? |
worldchess.com |
Controversial website worldchess.com, broadcasting in exclusive the World Chess Candidates Tournament, is the target of a DDoS attack. |
DDoS |
Entertainment |
CC |
US |
| 37 |
11/03/2016 |
? |
West Bloomfield School District |
West Bloomfield School District officials send an email to parents saying a security breach to their network exposed certain student information. |
Unknown |
Education |
CC |
US |
| 38 |
13/03/2016 |
New World Hackers group (NWH) |
Official Websites of the Salt Lake City Police and Airport |
Hackers from New World Hackers group (NWH) claim to have taken down the official website of Salt Lake City police, the airport, First Utah Bank and Downtown Alliance in a form of protest against the shooting of the teenager Abdi Mohamed. |
DDoS |
Government |
H |
US |
| 39 |
14/03/2016 |
? |
Several high profile websites including The New York Times, the BBC, MSN, and AOL |
Several security vendors including Trend Micro and Malwarebytes reveal the details of a large scale malvertising campaign targeting high profile sites, including The New York Times, the BBC, MSN, and AOL. |
Malvertising |
Single Individuals |
CC |
>1 |
| 40 |
15/03/2016 |
Metropolis |
allosambre.com |
Metropolis hacks allosambre.com and dumps 1,535 usernames and clear text passwords. |
SQLi |
Online Services |
CC |
FR |
| 41 |
15/03/2016 |
Suckfly |
Several government and commercial organizations |
Symantec reveals the details of Suckfly, a malicious actor based in China, whose attack modus operandi involves the use of stolen legitimate certificates to sign the malware used for their operations. |
Targeted Attack |
>1 |
CE |
>1 |
| 42 |
15/03/2016 |
? |
Bayley’s |
Outdoor equipment retailer Bailey’s Inc. notifies its customers that an attacker may have stolen payment card information of 250,000 customers from the company website and that the length of the breach was longer than once thought (between Dec. 1, 2011 and Jan. 26, 2016). |
Unknown |
Industry: Retail |
CC |
US |
| 43 |
15/03/2016 |
? |
Russian customers of a dozen of unnamed banks |
The customers of dozens of banks in Russia are targeted by hackers pretending to be the security arm of the Russian Central Bank, FinCERT. |
Account Hijacking |
Single Individuals |
CC |
RU |
| 44 |
15/03/2016 |
? |
LAZ Parking |
LAZ Parking reveals that tax and revenue information for about 14,000 employees may have been stolen by an “unknown individual. |
Unknown |
Industry: Parking |
CC |
US |
| 45 |
Special Mention of the Month |
This month has seen a remarkable number of W-2 data breaches aimed to use the stolen identities to file fraudulent tax returns. Victims include: – Ameripride – Actifio – Endologix – DataXu – Billy Casper Golf – Care.com – Matric NAC and Matrix Service Company Applied Systems – SevOne – SalientCRGT – Mitchell International – WorkCare – Foss – PerkinElmer – Advance Auto Parts – Sequoia Union High School District |
Account Hijacking |
>1 |
CC |
US |
