ID |
Date |
Author |
Target |
Description |
Attack |
Target Class |
Attack Class |
Country |
1 |
02/05/2016 |
? |
Alpha Payroll Services |
Alpha Payroll Services notifies that an employee has fallen victim of a phishing scam targeting clients’ 2015 employee W-2 information. |
Account Hijacking |
Industry: Payroll Services |
CC |
US |
2 |
02/05/2016 |
? |
70 US military men |
A group claiming to be British hackers supporting the Islamic State (ISIS) publishes a ‘hit list’ of more than 70 US military men who have allegedly been involved in drone strikes against terrorists in Syria. |
Unknown |
Military |
CW |
US |
3 |
02/05/2016 |
Iran |
Israel |
Researchers from Palo Alto reveal the details of Infy, a new targeted attack campaign dating back nearly a decade and likely to have originated from Iran. |
Targeted Attack |
>1 |
CE |
IL |
4 |
02/05/2016 |
0x2Taylor |
remotestaff.com.au |
0x2Taylor hacks remotestaff.com.au and dumps 99,888 records with usernames and hashed passwords. |
SQLi |
Industry: Job Search |
CC |
AU |
5 |
03/05/2016 |
Anonymous |
Bank of Greece |
The Anonymous Kick off OpIcarus and take down the Bank of Greece |
DDoS |
Finance |
H |
GR |
6 |
03/05/2016 |
? |
Union League Club |
Union League Club says it is working with the FBI to investigate a security breach involving guests’ credit card information. An employee accused to have installed malicious software is fired. |
Malware |
Social Club |
CC |
US |
7 |
04/05/2016 |
? |
KMOV, WBTV |
Malwarebytes reveals the details of a malvertising campaign targeting visitors to two TV stations (KMOV and WBTV) affiliated with the American CBS TV network. |
Malvertising |
Industry: Broadcast |
CE |
US |
8 |
05/05/2016 |
? |
Several databases |
The discovery of a database containing the details of over 57 million people allegedly hacked by Russian hackers brings to light a massive breach occurred in 2015. |
Unknown |
>1 |
CC |
>1 |
9 |
05/05/2016 |
? |
Several databases |
Another massive breach discovered. A trove of 272.3 million accounts belonging to several services including mail.ru, Google, Microsoft is put on sold on the dark web. |
Unknown |
>1 |
CC |
>1 |
10 |
05/05/2016 |
? |
Equifax |
Unknown individuals access Equifax’s W2Express website and steal tax and salary data. |
Unknown |
Industry: Financial Services |
CC |
US |
11 |
05/05/2016 |
? |
Bay Area Children’s Association |
Bay Area Children’s Association reports that an attacker compromised patient information after planting malware on the systems of its electronic medical record provider. |
Malware |
Org: Non-Profit |
CC |
US |
12 |
05/05/2016 |
? |
Neopets |
Tens of millions of user accounts from virtual pets community Neopets are hacked and traded on the criminal underground. |
Unknown |
Virtual Community |
CC |
US |
13 |
05/05/2016 |
Phineas Phisher AKA Hack Back! AKA @GammaGroupPR |
N/A |
The hacker behind the notorious attacks against Gamma Group and Hacking Team steals 10.000$ worth in Bitcoins from several victims and donates the money to a Kurdish anti capitalist group called Rojava Plan. |
Unknown |
N/A |
H |
N/A |
14 |
05/05/2016 |
Anonymous |
Central Bank of Cyprus (centralbank.gov.cy) |
OpIcarus continues and this time the hacktivists of the Anonymous collective take down the Central Bank of Cyprus (centralbank.gov.cy) |
DDoS |
Finance |
H |
CY |
15 |
05/05/2016 |
@TehBVM |
Reddit |
A black hat hacker dubbed @TehBVM takes over random subreddits, removing moderators, and changing the subreddit’s CSS style, leaving a defacement message behind. |
Defacement |
Social Network |
CC |
US |
16 |
05/05/2016 |
? |
Saint Agnes Medical Center |
2,800 employees of the Saint Agnes Medical Center are impacted by a possible identity theft after scammers got the W-2’s of everyone employed by the hospital. |
Account Hijacking |
Healthcare |
CC |
US |
17 |
06/05/2016 |
? |
Nulled.IO |
The Nulled.IO forum is compromised and its data consequently leaked, consisting of a 9.45GB SQL file. |
SQLi |
Hacker Forum |
CC |
US |
18 |
06/05/2016 |
Anonymous |
Boris Dobrodeev |
Hacktivists from the Anonymous collective leak what could be the email inbox of Boris Dobrodeev, the former boss of Russian social network VK, previously known as VKontakte. |
Unknown |
Single Individual |
H |
RU |
19 |
06/05/2016 |
? |
Fling.com |
A hacker called Peace claims to be selling tens of millions of user accounts for adult dating site Fling.com on the dark web, including information on sexual desires, preferences, and other personal details. The data allegedly belongs to a breach happened in 2011. |
Unknown |
Adult Site |
CC |
US |
20 |
06/05/2016 |
Bozkurtlar |
UAE Investbank |
A 10GB file has been published online that purports to hold sensitive financial data on tens of thousands of customers belonging to UAE Investbank. A Turkish group dubbed Bozkurtlar claims responsibility for the attack. |
Unknown |
Finance |
CC |
AE |
21 |
07/05/2016 |
Anonymous |
Several Banks Worldwide |
OpIcarus continues and the Anonymous take down other banks across the world, including: The Central Bank of the Dominican Republic, the Guernsey Financial Services Commission, the Central Bank of Maldives, the Dutch Central Bank, the National Bank of Panama, the Central Bank of Kenya, the Central Bank of Mexico and the Central Bank of Bosnia and Herzegovina. |
DDoS |
Finance |
H |
DO GG MV NL PA KE MX BA |
22 |
|
0x2Taylor |
leoprinting.co.uk |
0x2Taylor hacks leoprinting.co.uk and dumps 14,958 transaction records with usernames and hashed passwords. |
SQLi |
Industry: E-Commerce |
CC |
UK |
23 |
08/05/2016 |
? |
51Degrees |
Mobile device detection company 51Degrees reveals to have been hacked. |
Unknown |
Industry: Software |
CC |
UK |
24 |
09/05/2016 |
? |
Kiddicare |
Babycare retailer Kiddicare has warned customers that personal data consisting of 795,000 records shared with the store has been stolen by hackers. |
Unknown |
Industry: Retail |
CC |
UK |
25 |
09/05/2016 |
? |
UserVoice |
UserVoice admits to have suffered a cyberattack in April which has exposed sensitive data belonging to a small subset of users with administrator or contributor status (0.001%). |
Unknown |
Industry: Software |
CC |
US |
26 |
09/05/2016 |
? |
PerezHilton.com |
Cyphort Labs reveal the details of a malvertising campaign targeting PerezHilton.com |
Malvertising |
Blog |
CC |
US |
27 |
09/05/2016 |
? |
Mayfield Brain & Spine |
Mayfield Brain & Spine notifies its patients of a fake email containing malware sent to them. The incident affects a total of 23,341 patients. |
Malware |
Healthcare |
CC |
US |
28 |
09/05/2016 |
Jimmy |
deways.com |
Jimmy hacks deways.com and dumps 24,084 usernames and hashed passwords. |
SQLi |
Industry: Car Rental |
CC |
FR |
29 |
10/05/2016 |
Team Pak Cyber Lions |
Utkal University utkaluniversity.ac.in |
The Utkal University portal is taken down after it is defaced. |
Defacement |
Education |
H |
IN |
30 |
11/05/2016 |
North Korea |
Hanjin Heavy Industries |
South Korea points the finger to North Korea after Hanjin Heavy Industries, a navy defence contractor. is hacked. |
Targeted Attack |
Industry: Defense |
CE |
KR |
31 |
11/05/2016 |
Pawn Storm |
German Christian Democratic Union |
Security Researchers from Trend Micro reveal that Pawn Storm, one of the oldest APTs engaging in cyber espionage, is targeting members of the German Christian Democratic Union (CDU), the political party of German Chancellor Angela Merkel (and also other targets). |
Targeted Attack |
Government |
CE |
DE |
32 |
11/05/2016 |
? |
Medical Colleagues of Texas |
Hackers breach the computer network of a doctors’ group in Katy, potentially accessing more than 60,000 medical records and personnel files. |
Malware |
Healthcare |
CC |
US |
33 |
12/05/2016 |
shenfenzheng |
Several Chinese Communist Party Officials and Captains of Industry |
Personal information on dozens of Chinese Communist Party officials and captains of industry is exposed on Twitter from an account under the name “shenfenzheng”. |
Unknown |
Single Individuals |
CC |
CN |
34 |
12/05/2016 |
? |
>4000 Journalists |
More than 4,000 journalists, accused by pro-Kiev activists of “collaborating with terrorists” for their reporting from war-torn eastern Ukraine, have their personal details leaked on a website called Mirotvorets (Pace Keeper). |
Unknown |
Single Individuals |
H |
>1 |
35 |
12/05/2016 |
? |
Unnamed Adult Forum |
An unnamed porn forum is hacked and details of 100,000 members leaked |
SQLi |
Adult Forum |
CC |
N/A |
36 |
12/05/2016 |
? |
Besa Hitman-for-Hire Service |
bRpsd hacks the Dark Web portal of the Albanian mafia group called Besa, and dumps the data online and exposing their hitman-for-hire service. |
SQLi |
Online Services |
CC |
AL |
37 |
13/05/2016 |
? |
Tien Phong Bank |
SWIFT confirms a new attack in which attackers managed to illegally transfer funds from a member bank by using its system. Further details, including the bank name are revealed two days after. |
Targeted Attack |
Finance |
CC |
N/A |
38 |
13/05/2016 |
Anonymous |
Bank of England |
In name of OpIcarus, the Anonymous claim to have taken down the internal email server of the Bank of England |
Unknown |
Finance |
H |
UK |
39 |
13/05/2016 |
New World Hackers |
University of Limpopo |
New World Hackers (NWH), one of the hacking crews participating in the Anonymous #OpAfrica campaign, leak data obtained after hacking and then defacing the website of the University of Limpopo from the town of Polokwane, South Africa. |
SQLi |
Education |
H |
ZA |
40 |
13/05/2016 |
Anonymous BannedOffline Ghost Squad |
Central Bank of Jordan Central bank of South Korea Bank of Compagnie Monegasque Central Bank of Montenegro |
Another round of OpIcarus. This time the targets are: Central Bank of Jordan, Central bank of South Korea, Bank of Compagnie Monegasque, Central Bank of Montenegro. |
DDoS |
Finance |
H |
JO KR FR ME |
41 |
13/05/2016 |
? |
Avention |
Avention, investigate data breaches affecting personal information of its employees. |
Account Hijacking |
Industry: Software |
CC |
US |
42 |
13/05/2016 |
SonnySpooks |
fijilive.com |
SonnySpooks hacks fijilive.com and dumps 91,460 usernames and hashed passwords. |
SQLi |
News |
CC |
FJ |
43 |
14/05/2016 |
Bozkurtlar |
Dutch Bangla Bank City Bank Trust Bank Business Universal Development Bank Sanima Bank Commercial Bank of Ceylon |
The Turkish hacker group Bozkurtlar leaks data allegedly belonging to six international banks: the Dutch Bangla Bank (Bangladesh), The City Bank (Bangladesh), Trust Bank (Bangladesh), Business Universal Development Bank (Nepal) and Sanima Bank (Nepal), and then for the Commercial Bank of Ceylon (Sri Lanka). |
SQLi |
Finance |
CC |
BD NP LK |
44 |
14/05/2016 |
Anonymous |
ncgov.org ncgov.net ncgov.com np.nc.gov governor.state.nc.us northcarolina.gov |
In name of #OpLGBT, the Anonymous take down a number of government websites in North Carolina. |
DDoS |
Government |
H |
US |
45 |
14/05/2016 |
1×0123 |
Pornhub[.]com |
Few days after kicking off its bug bounty problem, Pornhub is hacked by an underground researcher who claims to sell the access to a command execution shell for $1000. |
Undisclosed Vulnerability |
Adult Site |
CC |
US |
46 |
14/05/2016 |
? |
Hi-Tec Sports |
Hi-Tec Sports notifies customers about a compromise affecting its online ordering system and payment card data. |
Malware |
Industry: Sportswear |
CC |
NL |
47 |
15/05/2016 |
GhostShell |
Several Targets |
GhostShell, is back with a new leak as part of his new campaign called Light Hacktivism. His new leak after a few months of silence involves a list of 32 websites from where the hacker has taken readily available data containing sensitive information. |
Misconfigured FTP Server |
>1 |
H |
>1 |
48 |
15/05/2016 |
? |
Gatecoin |
Hong Kong-based Bitcoin and Ethereum exchange service Gatecoin announces the theft of a large amount of cryptocurrency following what they believe was a server intrusion. The company says it lost 250 Bitcoin ($114,500) and 185,000 Ethereum ($1,850,000), totaling over $2,000,000. |
Unknown |
Bitcoin Exchange |
CC |
HK |
49 |
15/05/2016 |
Anonymous |
Bank of France Central bank of the United Arab Emirates Central Bank of Tunisia Central Bank of Trinidad and Tobago Philippine National Bank |
Other targets taken down in name of OpIcarus |
DDoS |
Finance |
H |
FR AE TN TT PH |