Last Updated on October 3, 2016

Spring has sprung, and it’s now time to publish the first timeline of April.

Even if this fortnight has not been particularly rich of events from a mere numeric perspective, a few breaches are destined to be remembered for long for the consequences not necessarily limited at the infosec community. I am obviously talking about the Mossack Fonseca leak, the dump containing the records of 50 million Turkish citizens, and the 43Gb of data belonging to the Syrian Nation Agency for Network Services. The list of the victims of massive breaches also included Naughty America with its 3.8 million accounts.

On the Cyber Espionage/Cyber War front, this has been quite a tough period for Sweden whose air traffic control system has been allegedly targeted by Russian hackers (a solar storm according to the official version). In the same days the Swedish Armed force has revealed that their military computers were hacked and used in an attack targeting major US banks in 2013… Not a great reward for a military network.

And while the Cyber War between Armenia and Azerbaijan reached new levels (with the involvement of Turkish actors), there is nothing particularly meaningful to mention related to hacktivism. Well… Like every year hacktivists from all over the world threatened Israel in occasion of the so-called #OpIsrael declared for April 7th. However, following the trend of the last few years, the damages (if any) were absolutely negligible.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014, 2015 and, in a bit, 2016 (regularly updated). You may also want to have a look at the Cyber Attack Statistics that are regularly published, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Additionally, if you want, you can access the timeline in Google Sheet format: spreadsheets-32

IDDateAuthorTargetDescriptionAttackTarget ClassAttack ClassCountry
101/04/2016?Sites running vulnerable WordPress and Joomla installationsAvast warns about a longstanding black hat SEO campaign involving sites running hacked WordPress and Joomla installations.Malicious JQuery injection>1CC>1
201/04/2016Turk Hack TeamSeveral Armenian Government ServersA group of Turkish hackers going by the online handle of Turk Hack Team (THT) defaces some Armenian Government servers to claim their hold on the Nagorno-Karabakh region.DefacementGovernmentCWAM
302/04/2016Monte Melkonian Cyber Army (MMCA)Several Azerbaijani Government ServersIn retaliation for the THT attacks, Monte Melkonian Cyber Army from armenia defaces some Azerbaijani Government servers.DefacementGovernmentCWAZ
402/04/2016RyanDa1338integratorimarket.itRyanDa1338 hacks and dumps 2,015 records with usernames with clear text passwords.UnknownIndustry: E-CommerceCCUS
504/04/2016APT6 (linked to China)US Government and Commercial NetworksFBI unusually warns that “a group of malicious cyber actors,” whom security experts believe to be the government-sponsored hacking group known as APT6, has compromised and stolen sensitive information from various government and commercial networks since at least 2011.Targeted AttackGovernmentCEUS
604/04/2016?Trump Hotel CollectionThe Trump Hotel Collection suffers another breach of its credit card system.PoS MalwareIndustry: Hotel and HospitalityCCUS
704/04/2016?Stanford UniversityUnknown hackers infiltrate the systems of the systems of W-2Express, a third party vendor, and download the W-2 forms of 3,500 Stanford University employees.Account HijackingEducationCCUS
805/04/2016?Mossack FonsecaApparently the staggering leak of 2.6 TB from law firm Mossack Fonseca known as Panama Papers seems to be due to a hack exploiting a WordPress Vulnerability.WordPress VulnerabilityIndustry: Legal ServicesHPA
905/04/2016?50 Million Turkish CitizensTurkish authorities investigate the alleged leak of nearly 50 million citizens’ sensitive, personal data (almost two-thirds of the country’s 75 million-strong population). According to reports, a database that was uploaded online appeared to have been stolen in 2009 from a state agency which issues national ID cards.UnknownGovernmentCCTR
1005/04/2016?University of LiverpoolUniversity of Liverpool database of 6,500 staff posted on dark web forum. Leaked data includes: name, address and work email addresses.UnknownEducationCCUK
1105/04/2016?KIFTKIFT, a Top 40 radio station located in Colorado, is hacked an broadcasts vulgar “furry sex” ramblings.Account HijackingRadio StationCCUS
1205/04/2016?Metropolitan Jewish Health SystemMetropolitan Jewish Health System notifies members and patients of phishing incident, possibly involving 2,483 individuals. Account HijackingHealthcareCCUS
1306/04/2016?CoinwallletCoinWallet is forced to shut down their operations by May 1, 2016, after a data breach.UnknownBitcoin ExchangeCCFR
1406/04/ hacks and dumps 2,859 records with usernames and clear text passwords.SQLiOnline ServicesCCUK
1507/04/2016? National Childbirth Trust, a childbirth charity, apologies to 15,000 new and expectant parents after their registration details were accessed in a “data breach”.Targeted AttackOrg: CharityCCUK
1607/04/2016Anti-Armenia TeamRussian Embassy in Armenia (@rusembassyARM)Azerbaijani hackers from Anti-Armenia Team hijack the Twitter Account of Russian Embassy in Armenia (@rusembassyARM).Account HijackingGovernmentHAM
1707/04/2016?solen.czAn unknown hacker hacks and dumps nearly 5,000 records with usernames and clear text passwords.UnknownOnline ServicesCCCZ
1808/04/2016Pyopzmothersenvogue.comPyopz hacks and dumps 2,382 records with usernames and hashed passwords.SQLiIndustry: E-CommerceCCSG
1909/04/2016Anonymous Italy and LulzSec ItalyJob-seeking portalsIn name of #OpNessunDorma, the duo Anonymous Italy and LulzSec Italy hacks numerous job-seeking portals and leaks some of their information online. UnknownIndustry: Job SeekingHIT
2009/04/2016?Whiting-TurnerWhiting-Turner notifies employees of a potential breach to a vendor.UnknownIndustry: ConstructionCCUS
2110/04/2016@Echoisonrochester.eduAn unknown hacker dubbed @Echoison claims to have hacked the University of Rochester ( and dumps 5,944 records with usernames and hashed passwords.SQLiEducationCCUS
2210/04/2016TheFamilyelifeask.comTheFamily hacks and dumps 1,529 usernames and hashed passwords.UnknownOnline ServicesCCIN
2311/04/2016?Swedish Armed ForceSometimes breaches are discovered after years: the Swedish Armed force reveal that their military computers were hacked and used in an attack targeting major US banks in 2013UnknownMilitaryCCSE
2411/04/2016?At least 11 sites including, the Netherlands equivalent to eBaySome of the Netherlands’ most popular websites fall victim to a malvertising campaign that managed to compromise a widely used ad platform.Malvertising>1CCNL
2512/04/2016RussiaSwedenDespite the official reason is a solar storm, Sweden secretly suspects that a hacker group linked to Russian intelligence was responsible for an attack on its air traffic control systems last November.Targeted AttackGovernmentCWSE
2612/04/2016The Real and affiliates websites including Suite703.comAn unknown hacker offers a database containing emails and passwords of 3.8 million of Naughty America porn accounts for a mere $300UnknownAdult SitesCCUS
2712/04/2016Cyber Justice, the Nation Agency for Network ServicesThe Cyber Justice Team has taken responsibility for a big hack of Syrian government networks, which resulted in a massive 43GB data leak online.SQLiGovernmentHSY
2813/04/2016?The Fappening ForumThe Fappening Forum is hacked, exposing 179,000 accounts. After the breach the forum is hit by malvertising distributing ransomware.UnknownForumCCUS
2913/04/2016?Olympia School DistrictA phishing attack compromises the identities of more than 2,100 employees of Olympia School DIstrict.Account HijackingEducationCCUS
3013/04/2016AnonymousDalhousie University ( takes down the Dalhousie University website against 2015 rape, demanding punishment for the culprits.DDoSEducationHCA
3114/04/2016Lizard SquadBlizzard’s Battle.netBlizzard’s servers are taken down by a DDoS attack.DDoSIndustry: Video GamesCCUS
3215/04/2016?JanetBritish government-funded educational network Janet is hit by a DDoS.DDoSOrg: Education NetworkCCUK
3315/04/2016?gamescollection.itAn unknown hacker hacks and dumps 1,274 usernames and hashed passwords.SQLiOnline ServicesCCIT
3415/04/2016?The City of BaltimoreThe city of Baltimore investigates how the personal information of dozens of city employees was stolen and used to file fraudulent tax returns.Account HijackingGovernmentCCUS
3515/04/2016Team System DZSeveral Wisconsin’s Richland County Government websitesTeam System DZ, an Algeria-based hacking team, defaces several Wisconsin’s Richland County Government websites and leaves a defaced page with a message in support of ISIS.DefacementGovernmentHUS
3615/04/2016?Innovak International14 school systems, 3 in Alabama and 11 in Mississippi are impacted by a breach to Innovak International involving employees’ w-2 statements.UnknownIndustry: Financial ServicesCCUS
3715/04/2016?Atique Orthodontics, P.A.Atique Orthodontics, P.A. (AOPA) is notifies certain patients about a security incident involving unauthorized access to a computer in its office.UnknownHealthcareCCUS
3815/04/ hacks the Journal of Chinese Medicine ( and dumps 13,668 records containing clear text passwords.SQLiOnline ServicesCCUK
397-8/04/2016AnonymousOpIsraelSpecial mention of the month for OpIsrael. Despite the announcements and the intentions, only small local targets were hit (with a few thousands accounts leaked).>1>1HIL


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.