| ID |
Date |
Author |
Target |
Description |
Attack |
Target Class |
Attack Class |
Country |
| 1 |
15/03/2016 |
Pakistan |
India |
Google removes the malicious SmeshApp from its play store, after an investigation by CNN-IBN, an Indian TV station, reveals that Pakistan was using it to snoop on Indian military personnel. |
Mobile Malware |
Military |
CE |
IN |
| 2 |
16/03/2016 |
NSHC |
Swiss People’s Party (SVP) |
A group of hackers dubbed NSHC claims to have hacked the database of Switzerland’s largest political party, the conservative Swiss People’s Party (SVP) and stolen the personal data of over 50,000 people, including the names and email addresses of SVP supporters. |
Unknown |
Org: Political Party |
CC |
CH |
| 3 |
16/03/2016 |
NSHC |
Several websites including the Swiss Federal Railways (SBB) and a number of retailers, including electronic retailer InterDiscount |
The same group that hacked the SVP, takes down several swiss websites including the Swiss Federal Railways (SBB) and a number of retailers, including electronic retailer InterDiscount. |
DDoS |
Transportation Industry: Retail |
CC |
CH |
| 4 |
17/03/2016 |
? |
Lakes Region Scholarship Foundation |
Lakes Region Scholarship Foundation notifies past applicants that their names, addresses and Social Security numbers may have been stolen by hackers. |
Unknown |
Org: Education |
CC |
US |
| 5 |
17/03/2016 |
? |
River Cree Casino |
The River Cree casino says it was the victim of a “cyberattack” that resulted in the theft of customer and employee information. |
Unknown |
Industry: Hotel and Hospitality |
CC |
US |
| 6 |
18/03/2016 |
? |
usacycling.org (USA Cycling) |
In an email sent out to its over 62,000 members, USA Cycling, the official US cycling organization, warns to have suffered a “data security incident” that may have exposed members’ names, mailing addresses, email addresses, dates of birth, emergency contact details, and passwords. |
Unknown |
Org: Sport |
CC |
US |
| 7 |
18/03/2016 |
KarmaSec |
visit-jy.com |
Hacktivists from KarmaSec hack the server of Japan’s Yamaguchi Prefecture Tourism Promotion Division (visit-jy.com) and leak a trove of data protesting in support of animal rights and brutality in the country. |
Unknown |
Industry: Tourism |
H |
JP |
| 8 |
18/03/2016 |
SadClowns |
Several High Profiles including FOX News, BusinessInsider |
Proofpoint reveals how the malvertising campaign detected at the beginning of March has evolved. The malicious actors behind the campaign are dubbed “SadClowns”. |
Malvertising |
>1 |
CC |
>1 |
| 9 |
18/03/2016 |
|
BitQuick |
BitQuick announces to shut down its server following an attack that gave the attacker unauthorized administrative access. However, all funds, IDs and emails remain secured. |
Unknown |
Bitcoin Exchange |
CC |
US |
| 10 |
19/03/2016 |
? |
Several News Outlets in Sweden |
Several news outlets in sweden are taken down by a large-scale DDoS attack. The list of the victims include: Dagens Nyheter, Expression, Svenska Dagbladet, Aftonbladet, Sydsvenskan, Helsingborgs Dagblad, Dagens Industri. |
DDoS |
News |
CC |
SE |
| 11 |
19/03/2016 |
? |
naira4dollar.com |
Naira4dollar, a Nigerian e-currency exchange website, is the target of unknown hackers who are able to steal $15,000 worth of Bitcoins. |
Account Hijacking |
Bitcoin Exchange |
CC |
NG |
| 12 |
20/03/2016 |
? |
EC-Council (eccouncil.org) |
The website of EC-Council, the professional organization that administers the Certified Ethical Hacker program, is compromised to redirect the visitors to an Angler Exploit Kit landing page, where the infamous Teslacrypt ransomware is injected. |
Malicious PHP injection via WordPress Vulnerability |
Org: Security Professionals |
CC |
US |
| 13 |
20/03/2016 |
? |
Harry Styles and Kendall Jenner |
One Direction singer Harry Styles and his alleged girlfriend Kendall Jenner have their personal photos leaked online after iCloud account hack. |
Account Hijacking |
Single Individuals |
CC |
UK |
| 14 |
20/03/2016 |
AnonymousCorrupt |
nasa.gov |
AnonymousCorrupt, a group of hacktivists linked to the Anonymous claim to have taken down the nasa.gov website. |
DDoS |
Government |
H |
US |
| 15 |
21/03/2016 |
? |
Norfolk General Hospital |
THe website of the Norfolk General Hospital is hacked to spread malware to its visitors. |
Joomla Vulnerability |
Healthcare |
CC |
CA |
| 16 |
21/03/2016 |
? |
Concordia University |
Concordia University warns the community about a possible computer security breach. |
Malware |
Education |
CC |
CA |
| 17 |
22/03/2016 |
? |
Kemuri Water Company (fantasy name for a water utility) |
The latest Verizon Data Breach Report reveals the details of an attack against a water utility company, in which the attackers were able to infiltrate the water utility’s control system and change the levels of chemicals being used to treat tap water. |
SQLi/Phishing |
Utility |
H |
N/A |
| 18 |
22/03/2016 |
? |
Pivotal Software |
Pivotal Software notifies the California Department of Justice Office of the Attorney General to have been hit with a W-2 phishing scam where an unknown number of the company’s employees had their tax data compromised. |
Account Hijacking |
Industry: Software |
CC |
US |
| 19 |
22/03/2016 |
? |
Kentucky State University |
Kentucky State University is the victim of a BEC scam: an employee, responding to an email supposedly from the school’s president, sends off the 2015 W-2s for about 1000 employees and students. |
Account Hijacking |
Education |
CC |
US |
| 20 |
22/03/2016 |
? |
Chinese Users |
FireEye reveals the details of a malvertising campaign, targeting Chinese users, employing the Baidu advertising platform, and abusing one of its ad APIs to push malware. |
Malvertising |
Several Individuals |
CC |
CN |
| 21 |
23/03/2016 |
? |
Sprouts Farmers Market |
Sprouts Farmers Market falls victim to a W-2 phishing scam, with the company admitting an employee sent off the tax data for all its workers to an unknown person. |
Account Hijacking |
Industry: Grocery |
CC |
US |
| 22 |
23/03/2016 |
? |
Ryman Hospitality Properties |
Ryman Hospitality Properties falls victim to a fraudulent phishing scam that resulted in employees’ IRS W-2 information, which includes Social Security numbers, being disclosed externally. |
Account Hijacking |
Industry: Hotel and Hospitality |
CC |
US |
| 23 |
24/03/2016 |
? |
Verizon Enterprise Solutions |
The contact information on some 1.5 million customers of Verizon Enterprise is published on an underground forum. THe company confirms to have recently discovered and remediated a security vulnerability on its enterprise client portal. |
Mongo DB Vulnerability |
Industry: Telco |
CC |
IT |
| 24 |
24/03/2016 |
Pakistan |
India |
Trend Micro release the details of Operation C-Major, a Pakistan-Linked Cyber-Espionage Campaign Against Indian military employees. |
Targeted Attack |
Military |
CE |
IN |
| 25 |
24/03/2016 |
@gift2death |
norfolkadmirals.com |
@gift2death posts online the personal information of roughly 250 Norfolk Admirals hockey team customers. |
SQLi |
Sport |
CC |
US |
| 26 |
24/03/2016 |
? |
vbulletin.com vnulletin.org |
Administrators of the vBulletin forums start a site-wide password reset operation after an unknown attacker gained access to one of their servers. |
Unknown |
Industry: Software |
CC |
US |
| 27 |
24/03/2016 |
? |
jasacare.org |
JASACare reports to have been attacked by hackers who managed to gain access to its email system. As a consequence of the breach of an employee’s email account, patient and employee data could have been potentially compromised. |
Account Hijacking |
Org: Home Care |
CC |
US |
| 28 |
25/03/2016 |
? |
gumtree.com.au |
Malwarebytes reveals the details of a malvertising campaign, distributing the infamous Angler Exploit Kit, and targeting gumtree.com.au. |
Malvertising |
Community |
CC |
AU |
| 29 |
25/03/2016 |
? |
OpSec Security |
OpSec Security joins the list of the companies victim of email scams, as a consequence the 2015 W-2 tax forms for current and former employees are compromised. |
Account Hijacking |
Industry: Anti-Counterfeiting |
CC |
US |
| 30 |
25/03/2016 |
? |
Tidewater Community College |
Tidewater Community College reports that the tax information of all those employed at the school in 2015 (3000 employees) is taken in a spear phishing scam. |
Account Hijacking |
Education |
CC |
US |
| 31 |
25/03/2016 |
? |
Mercy Iowa City and Mercy Clinic |
Mercy Iowa City and Mercy Clinic notify patients that a malware discovered on their systems could have compromised the identities of 15,000 users. |
Malware |
Healthcare |
CC |
US |
| 32 |
26/03/2016 |
China |
Japan |
Tokyo police announces the discovery of over 18 million user credentials on a server of Nicchu Shinsei Corp., a local company that complicitly allowed Chinese hackers to use it in their attacks. |
Unknown |
Single Individuals |
CC |
JP |
| 33 |
27/03/2016 |
Anonymous Philippines LulzSec Philippines |
COMELEC (comelec.gov.ph) |
The database of the Philippine Commission on Elections (COMELEC) is breached and the personal information of 55 million voters potentially exposed in two consecutive attacks. |
Unknown |
Government |
H |
PH |
| 34 |
27/03/2016 |
? |
SportPursuit sportpursuit.co.uk |
Clothes website SportPursuit is hit by hackers over the Easter weekend, potentially losing customers’ bank card details. |
Unknown |
Industry: E-Commerce |
CC |
IE |
| 35 |
27/03/2016 |
Anonymous |
BCGold Corp. |
As part of its #OpCanary operation against multinational corporations, the Anonymous deface the homepage of BCGold Corp., a Canadian-based company focused primarily on gold and copper mining. |
Defacement |
Industry: Mining |
H |
CA |
| 36 |
28/03/2016 |
Andrew “Weev” Auernheimer |
Several Universities including Princeton University, University of California-Berkeley, University of Massachusetts-Amherst, Brown University, Smith College, and Mount Holyoke College |
Andrew “Weev” Auernheimer sends out a massive racist print job on the networks of several US Universities |
Unauthorized Access |
Education |
CC |
US |
| 37 |
29/03/2016 |
? |
likes.com livejournal.com |
Malwarebytes reveals the details of a malvertising campaign, distributing the infamous Angler Exploit Kit, and targeting likes.com and livejournal.com, two famous social network sites visited by respectively 110M and 140M visitors per month. |
Malvertising |
Social Network |
CW |
US |
| 38 |
29/03/2016 |
? |
Cravath Swaine & Moore LLP Weil Gotshal & Manges LLP |
FBI investigates the breaches at two know law firms Cravath Swaine & Moore LLP, and Weil Gotshal & Manges LLP, and issues a Private Industry Notification to law firms indicating that a cyber crime insider trading ring is targeting international law firm information used to facilitate business ventures. |
Targeted Attack |
Law Firms |
CC |
US |
| 39 |
29/03/2016 |
Budminer |
Several Entities in Taiwan |
Symantec reveals the details of Backdoor.Dripion, a cyber espionage campaign attribute to a threat actor known as Budminer, targeting entities in Taiwan. |
Targeted Attack |
N/A |
CE |
TW |
| 40 |
29/03/2016 |
Anonymous |
Kenya Petroleum Refineries Limited |
As part of their #OpAfrica, the Anonymous deface (rickroll) the website of Kenya Petroleum Refineries Limited. |
Defacement |
Industry: Oil and Energy |
H |
KE |
| 41 |
29/03/2016 |
Anonymous Portugal |
28 Angolan Government Websites |
In name of #OpLusofonia, the Portuguese branch of the Anonymous defaces 28 Angolan Government Websites in retaliation for the recent sentencing of 17 activists. |
Defacement |
Government |
H |
AO |
| 42 |
29/03/2016 |
? |
Several Hacked Websites |
Sucuri reveals the details of a new black hat SEO campaign that leverages a combination of hacked websites, backdoors, doorway scripts, and SEO poisoning to redirect users to pornographic sites. |
>1 |
>1 |
CC |
>1 |
| 43 |
30/03/2016 |
? |
Coinkite Inc. |
After a sustained wave of DDoS attacks, the Bitcoin startup Coinkite Inc. officially announces the shutdown of its secure wallet service. |
DDoS |
Bitcoin Exchange |
CC |
US |
| 44 |
31/03/2016 |
TheNeoBoss |
teamskeet[.]com |
A hacker called TheNeoBoss hacks teamskeet[.]com and advertises on the dark web the database supposedly containing email addresses, plain text passwords, names, and physical and IP addresses for over 237,000 users of the site, as well as the broader porn network, Paper Street Media (PSM). |
SQLi |
Adult Site |
CC |
US |
