ID |
Date |
Author |
Target |
Description |
Attack |
Target Class |
Attack Class |
Country |
1 |
16/04/2016 |
Team System DZ |
Several targets in France, Israel, US, and the UK |
Hacking group Team System Dz defaces 88 websites from France, Israel, the US, and the UK posting pro-ISIS messages. |
Defacement |
>1 |
CW |
>1 |
2 |
17/04/2016 |
? |
Coinroll Bitcoin Casino |
Coinroll Bitcoin Casino admits that several users had the funds on their online accounts stolen. The breach could be related to an open MongoDB. |
Unknown |
Bitcoin Casino |
CC |
US |
3 |
18/04/2016 |
? |
Robert Millard |
Robert Millard, a former Lehman Brothers executive wires a $2 million deposit for a $20 million Manhattan apartment to cyber criminals, who hacked the mailbox of his realtor. |
Account Hijacking |
Single Individuals |
CC |
US |
4 |
18/04/2016 |
? |
Newark Police Department |
Newark Police Department is forced to spend four days cleaning up after a virus attack. |
Malware |
Law Enforcement |
CC |
US |
5 |
18/04/2016 |
? |
dōTERRA |
dōTERRA notifies several customers and distributors of a possible data breach involving a third-party providing them with hosting and software services. |
Unknown |
Industry: Cosmetics |
CC |
US |
6 |
18/04/2016 |
sn0n |
mayline.com |
sn0n hacks mayline.com and dumps 2,803 records with usernames and hashed passwords. |
SQLi |
Industry: Furniture |
CC |
US |
7 |
19/04/2016 |
? |
Several Europe-based organisations, particularly in Poland |
Researchers from Palo Alto Networks identify PWOBot, a strain of malicious code written entirely in Python. |
Targeted Attack |
>1 |
CE |
>1 |
8 |
19/04/2016 |
? |
ADP |
Identity thieves steal tax and salary data from payroll giant ADP by registering accounts in the names of employees at more than a dozen customer firms. ADP says the incidents occurred because the victim companies all mistakenly published sensitive ADP account information online that made those firms easy targets for tax fraudsters. |
Account Hijacking |
Industry: Bitcoin Exchange |
CC |
US |
9 |
19/04/2016 |
Berkshire Hathaway Homestate, Cypress Insurance, Zenith Insurance |
Undisclosed California Worker |
A group of California workers claim in a federal lawsuit that three of the largest workers compensation insurance companies in California illegally broke into their lawyers’ database and stole over 32,000 confidential workers comp files. |
Directory Traversal Attack |
Industry: Insurance |
CC |
US |
10 |
19/04/2016 |
? |
AIn Shams University |
An unknown hacker hacks the Staff Management Portal of the Ain Shams University (staff.asu.edu.eg) and dumps 2,280 records. |
SQLi |
Education |
CC |
EG |
11 |
20/04/2016 |
FIN6 |
Several target in the retail and hospitality sectors |
Security researchers from FireEye and iSight Partner revealed a report detailing the previously unknown mode of operation of a criminal group named FIN6. The group surfaced in 2015 and focused only on the theft of financial information, mainly credit card data from organizations in the retail and hospitality sectors. |
Targeted Attack |
Industry: Retail Industry: Hotel and Hospitality |
CC |
>1 |
12 |
21/04/2016 |
? |
Archdiocese of Denver |
Archdiocese of Denver notifies 18,000 individuals to have discovered a breach happened on November 2015 after an unauthorized person accessed an Archdiocese of Denver database maintained by a third-party. |
Unknown |
Org: Religion |
CC |
US |
13 |
21/04/2016 |
? |
Bizmatics |
A spree of data breaches affect Florida’s Palm Beach County Health Department, Wisconsin’s Oneida Health Center, Arkansas’ Pain Treatment Centers of America (PTCOA), and Interventional Surgery Institute (ISI) and expose more than 23,000 patients’ personal information after data servers belonging to third-party vendor Bizmatics are hacked. |
Unknown |
Industry: Software |
CC |
US |
14 |
22/04/2016 |
? |
UK Ministry of Defence |
Up to 831 members of Britain’s defence community with high-level security clearances had their personally identifying information stolen when the Ministry of Defence’s business networking organisation was hacked earlier in November 2015 via the compromising of Niteworks, a MoD contractor. |
Unknown |
Government |
CC |
UK |
15 |
22/04/2016 |
Anonymous |
Different Entities in Denmark, Iceland, and the Faroe Islands |
Akamai reveals the details of OpKillingBay, an active campaign against whale-and-dolphin-eating nations. |
DDoS |
Several Individuals |
H |
>1 |
16 |
22/04/2016 |
New World Hackers (NWH) |
City of Denver’s website (denvergov.org) |
Members of the New World Hackers (NWH), one of Anonymous’ divisions, launch a DDoS attack against the city of Denver’s website (denvergov.org) |
DDoS |
Government |
H |
US |
17 |
22/04/2016 |
United Cyber Caliphate |
Lamont Christian Reformed Church (lamontcrc.org) |
United Cyber Caliphate defaces the website of the Lamont Christian Reformed Church in the city leaving a pro-Jihadi message. |
Defacement |
Org: Religion |
CW |
US |
18 |
24/04/2016 |
Ghost Squad |
Ku Klux Klan website |
Hackers from Ghost Squad take down the website of Ku Klux Klan |
DDoS |
Org: Politics |
H |
US |
19 |
24/04/2016 |
? |
interbet.co.za |
An unknown hacker hacks interbet.co.za and dumps >35,000 records containing personal information |
Unknown |
Online Bet |
CC |
ZA |
20 |
25/04/2016 |
? |
BeautifulPeople.com |
Forbes reveal that Unknown hackers were able to hack Beautifulpeople.com and leak the personal details of 1.1M members. |
Unknown |
Dating |
CC |
US |
21 |
25/04/2016 |
? |
Qatar National Bank QNB.com |
Documents purporting to be from the Qatar National Bank are leaked on a file-sharing site Cryptome.org. According to Cryptome, the leaked file contains more than 15,000 documents detailing more than 100,000 accounts with passwords and PINs. |
SQLi |
Finance |
CC |
QA |
22 |
25/04/2016 |
? |
Lansing Board of Water & Light (BWL) |
The Lansing Board of Water & Light (BWL) announces last week a cyber-attack that partially shuts down some of its services following what looks like an unconfirmed ransomware incident. |
Malware |
Utility |
CC |
US |
23 |
25/04/2016 |
? |
Spotify |
A list containing hundreds of Spotify account credentials, including emails, usernames, passwords, account type and other details, appears on Pastebin, in what appears to be a possible hack. The company, asked, denies the incident. |
Unknown |
Industry: Music |
CC |
SE |
24 |
25/04/2016 |
? |
The Grand Sierra Resort |
The Grand Sierra Resort is the latest hospitality entity to disclose a data breach involving customers’ credit card information. In this case, there appear to be two time frames during which cards used at their food and retail locations may have been compromised: for a one-month period in 2014 and again during a 5-month period in 2015. |
PoS Malware? |
Industry: Hotel and Hospitality |
CC |
US |
25 |
26/04/2016 |
? |
Lifeboat Minecraft Community |
Over seven million user accounts belonging to members of Minecraft community “Lifeboat” are hacked |
Unknown |
Industry: Video Games |
CC |
US |
26 |
26/04/2016 |
? |
RWE Gundremmingen plant |
A nuclear power plant in Germany is found to be infected with computer viruses, but they appear not to have posed a threat to the facility’s operations because it is isolated from the Internet. |
Malware |
Industry: Utility |
CC |
DE |
27 |
26/04/2016 |
? |
Goldcorp |
Hackers breach Goldcorp and leak a 14.8 GB torrent containing personal information |
Unknown |
Industry: Gold Mining |
CC |
CA |
28 |
26/04/2016 |
China? |
U.S. Steel Corp. |
U.S. Steel Corp. asks the U.S. government to ban unfairly traded Chinese steel imports, alleging producers stole the fruits of decades of research in a 2010 hacking attack. |
Targeted Attack |
Industry: Steel |
CE |
US |
29 |
27/04/2016 |
? |
The Pirate Bay |
Malwarebytes identifies a malvertising campaign on The Pirate Bay, distributing the Cerber Malware via the Magnitude Exploit Kit. The attackers took advantage of the leak of the sixth season of Game of Thrones. |
Malvertising |
Torrent |
CC |
SE |
30 |
27/04/2016 |
PLATINUM |
Several Targets in South East Asia |
Microsoft reveals the details of PLATINUM, a group active primarily against targets in South East Asia since 2009. |
Targeted Attack |
>1 |
CE |
>1 |
31 |
27/04/2016 |
North Korea? |
Several Targets in Asia |
Forcepoint reveals the details of Jaku, a previously unknown botnet built for a multi-stage tracking and data exfiltration, primarily of targets in Asia. |
Targeted Attack |
>1 |
CE |
>1 |
32 |
27/04/2016 |
? |
Lucky Pet |
LuckyPet notifies the California State Attorney General’s office of a data breach that compromised online customer information. |
Exploited Undisclosed Vulnerability |
Industry: E-Commerce |
CC |
US |
33 |
27/04/2016 |
Anonymous in Kenya |
Kenyan Ministry of Foreign Affairs (mfa.go.ke) |
Anonymous In Kenya, leaks a trove of 1TB data from the Kenyan Ministry of Foreign Affairs. |
Unknown |
Government |
H |
KE |
34 |
28/04/2016 |
? |
Solano Community College |
Solano Community College is hit with a spearphishing attack leading to the W-2 information for about 1,200 staffers being compromised. |
Account Hijacking |
Education |
CC |
US |
35 |
28/04/2016 |
? |
Advanced International Marketing Inc. |
Advanced International Marketing Inc. notifies California’s Attorney General that the company experienced a data breach that compromised its customers’ name and state identification information. |
Exploited Undisclosed Vulnerability |
Industry: Retail |
CC |
US |
36 |
29/04/2016 |
? |
17 (an app particularly popular in Asia) |
A hacker advertises a cache of 20,000 email addresses, poorly secured passwords, phone numbers, and other information from users of photo sharing and video streaming app ’17’, which is particularly popular in Asia. |
Unknown |
Industry: Software |
CC |
TW |
37 |
29/04/2016 |
? |
Maisto.com |
The website belonging to Maisto International, a popular maker of remote-controlled toy vehicles, is caught pushing ransomware. |
Outdated Joomla |
Industry: Toys |
CC |
HK |
38 |
29/04/2016 |
? |
Brunswick Corp. |
Brunswick Corp. is the last victim of a spear phishing scam that allows the attackers to steal W-2 information for possibly all 13,000 current and former company employees. |
Account Hijacking |
Industry: Conglomerate |
CC |
US |
39 |
29/04/2016 |
? |
Several Targets in Japan |
Symantec reveals the details of a cyber-espionage group using compromised websites along with spear-phishing emails to deliver a backdoor trojan to organizations in Japan for the purpose of stealing sensitive information and private technologies. |
Targeted Attack |
>1 |
CE |
JP |
40 |
29/04/2016 |
? |
Laremy Tunsil Twitter and Instagram Accounts |
Laremy Tunsil, a college football player has his Twitter and Instagram accounts hacked. |
Account Hijacking |
Single Individuals |
CC |
US |
41 |
29/04/2016 |
United Cyber Caliphate |
3,600 New York residents |
A group of hackers linked to the Islamic State releases a hit list of thousands of New York residents, urging the militant group’s followers to target them. |
Unknown |
Single Individuals |
CW |
US |
42 |
30/04/2016 |
Ghost Squad |
Black Lives Matter |
Hackers from Ghost Squad, one of the Anonymous subdivisions carrying out DDoS attacks against KKK members, launch similar attacks against the Black Lives Matter movement. |
DDoS |
Org: Social Movement/Activism |
H |
US |
43 |
30/04/2016 |
? |
Gryphon Technologies |
Gryphon Technologies joins the list of the companies falling victim of W-2 phishing scams. |
Account Hijacking |
Industry: System Integration |
CC |
US |