ID |
Date |
Author |
Target |
Description |
Attack |
Target Class |
Attack Class |
Country |
1 |
05/05/2016 |
Russia? |
RUAG |
The identities of members of an elite Swiss special forces army unit have been revealed in a hack of the RUAG defence contractor |
Targeted Attack |
Industry: Defence Contractor |
CE |
CH |
2 |
16/05/2016 |
? |
Commercial Bank of Ceylon |
The Sri Lanka-based Commercial Bank of Ceylon releases a statement admitting that a “hacking attack” on its website resulted in a successful intrusion. However, no customer data has been compromised. |
Unknown |
Finance |
CC |
LK |
3 |
17/05/2016 |
? |
Several Websites |
Cyphort Labs unveil the details of a new Angler Campaign targeting 19 Websites, including UltraVNC. |
JS injection |
>1 |
CC |
>1 |
4 |
18/05/2016 |
? |
Phishing Government Websites |
Netcraft reveals a banking phishing campaign targeting customers of Wells Fargo, Google, and AOL and exploited using Bangladesh Government websites. |
Account Hijacking |
Single Individuals |
CC |
BD |
5 |
18/05/2016 |
? |
Anti Ukraine Government Separatists |
Researchers from ESET unveil the details of another cyberespionage operation in Ukraine: Operation Groundbait targeting anti-governative separatists. |
Targeted Attack |
Single Individuals |
CE |
UA |
6 |
18/05/2016 |
? |
San Juan County |
San Juan County reports that the information of patients in the county’s DWI treatment program may have been compromised after an attacker gained remote access to one of its computers |
Unknown |
Government |
CC |
US |
7 |
18/05/2016 |
Anonymous |
33 Turkish Hospitals |
Hacker(s) claiming to be part of Anonymous post online a link pointing to a 2GB archive containing personal records stolen from 33 Turkish hospitals. |
SQLi |
Healthcare |
H |
TR |
8 |
18/05/2016 |
? |
Complete Chiropractic & Bodywork Therapies |
Complete Chiropractic & Bodywork Therapies notifies 4,082 patients after discovering that malware had been injected into their system in November, 2015. |
Malware |
Healthcare |
CC |
US |
9 |
18/05/2016 |
? |
The Sydney Morning Herald The Age Digital Editions |
Two Australian-based news websites, belonging to Fairfax Media, The Sydney Morning Herald and The Age Digital Editions, have been hacked and as a result, over 13,000 email subscriber accounts have been leaked online. |
SQLi |
News |
CC |
AU |
10 |
19/05/2016 |
? |
Noodles & Company |
Noodles & Company says it has hired outside investigators to probe reports of a credit card breach at some locations. |
PoS Malware |
Industry: Restaurant |
CC |
US |
11 |
20/05/2016 |
North Korea? |
Bank in Ecuador |
Here’s the third victim of the SWIFT hack: bank in Ecuador was also the victim of a similar attack in 2015 which saw cybercriminals stealing around $9m. |
Targeted Attack |
Finance |
CC |
EC |
12 |
20/05/2016 |
? |
Fur Affinity |
Fur Affinity, a community people with an interest in anthropomorphic animal characters such as wolves and foxes is hacked and the hackers may have run off with email addresses and hashed passwords. |
ImageMagick Vulnerability |
Forum |
CC |
US |
13 |
20/05/2016 |
? |
Ubiquity Networks |
Ubiquity Networks reveals that an exploit which can lead to completely hijacked network devices is being used in fresh campaigns against its devices. |
Malware |
Industry: Networking |
CC |
US |
14 |
20/05/2016 |
Phineas Fisher |
Sindicat de Mossos d’Esquadra |
Phineas Fisher, the hacker behind the Gamma International and Hacking Team breaches hacks the Sindicat de Mossos d’Esquadra (the Catalan police union), published personal information about police officers (including their badge numbers), and hijack their Twitter account. |
SQLi |
Law Enforcement |
H |
ES |
15 |
21/05/2016 |
? |
majorgeeks.com |
270,000 reccords from majorgeeks.com appear in the dark web. |
Unknown |
Online Services |
CC |
US |
16 |
22/05/2016 |
bRpsd |
chilisuae.com |
bRpsd hacks chilisuae.com and dumps 5,584 records. |
Unknown |
Industry: Restaurant |
CC |
AE |
17 |
22/05/2016 |
Azmeth |
burgerking.com.ar |
Azmeth hacks burgerking.com.au and dumps 4,833 records with usernames and hashed passwords. |
SQLi |
Industry: Restaurant |
CC |
AR |
18 |
22/05/2016 |
? |
hortinews.co.ke |
42,000+ usernames and passwords appear in the dark web. |
Unknown |
News |
CC |
KE |
19 |
23/05/2016 |
? |
Stamford Podiatry Group |
Stamford Podiatry Group notifies patients that medical and personal information of 40,000 individuals was compromised in a recent security incident. |
Unknown |
Healthcare |
CC |
US |
20 |
23/05/2016 |
Amar^SHG |
Météo France (meteofrance.com) |
A hacker who goes by the nickname of Amar^SHG (formerly Kuroi’SH) defaces France’s most visited weather portal, Météo France. |
Defacement |
Online Services |
H |
FR |
21 |
23/05/2016 |
Ke3chang |
Multiple Embassies Around the World |
FireEye reveals the details of a cyber-espionage group tied to China and called Ke3chang targeting multiple embassies around the world. |
Targeted Attack |
Government |
CE |
>1 |
22 |
23/05/2016 |
? |
raas.com.au |
An anonymous hacker hacks raas.com.au and dumps 3,456 records with usernames and hashed passwords. |
SQLi |
Real Estate |
CC |
AU |
23 |
24/05/2016 |
Attackers from three countries including Saudi Arabia |
Statistical Centre of Iran |
The Statistical Centre of Iran is targeted by unknown attackers. Iran tracks the origin of the attack from three Arab countries including Saudi Arabia. |
Unknown |
Government |
CE |
IR |
24 |
24/05/2016 |
? |
hypergen.ch |
An unknown hacker hacks hypergen.ch and dumps 22,000 accounts. |
Unknown |
Online Services |
CC |
CH |
25 |
25/05/2016 |
? |
NS1 |
Unknown attackers have been directing an ever-changing army of bots in a distributed denial of service (DDoS) attack against NS1, a major DNS and traffic management provide. |
DDoS |
Industry: Internet Services |
CC |
US |
26 |
25/05/2016 |
? |
Twitter accounts of over 2,500 individuals |
Twitter accounts of over 2,500 users, including accounts that have a large number of followers, are hacked in the span of two weeks. The hacked accounts appear to have been replaced by pornbots that weet sexual content and post links to adult dating websites. |
Account Hijacking |
Single Individuals |
CC |
>1 |
27 |
26/05/2016 |
? |
scrum.org |
Scrum.org, the Scrum certification and training site contacts users to warn them of a security breach. |
Undisclosed Vulnerability |
Online Services |
CC |
US |
28 |
27/05/2016 |
Tessa88@exploit.im |
MySpace |
A hacker hiding behind the email address Tessa88@exploit.im publishes a database containing 360 million records belonging to MySpace. The database is the alleged result of a breach occurred in 2013. |
Unknown |
Social Network |
CC |
US |
29 |
27/05/2016 |
? |
12 more banks |
The investigation into the attempted $1 billion electronic heist at the Central Bank of Bangladesh expands to as many as 12 more banks that all use the SWIFT payment network. |
Targeted Attack |
Finance |
CC |
>1 |
30 |
27/05/2016 |
? |
Reddit |
A surge in account hijacking and takeovers forces Reddit to reset 100,000 passwords. |
Account Hijacking |
Social Network |
CC |
US |
31 |
27/05/2016 |
? |
Southeast Eye Institute |
The Southeast Eye Institute reports a possible data breach after an unauthorized individual gained access to data of 87,000 patients via a third party affiliate. |
Unknown |
Healthcare |
CC |
US |
32 |
27/05/2016 |
? |
Fiverr |
Fiverr suffers Six-Hour DDoS Attack After Removing DDoS-for-Hire Listings. |
DDoS |
Online Marketplace |
CC |
IL |
33 |
27/05/2016 |
SonnySpooks |
paypalsucks.com |
SonnySpooks hacks paypalsucks.com and dumps 82,169 records with usernames and hashed passwords. |
Unknown |
Online Services |
CC |
US |
34 |
28/05/2016 |
Tiger Mate |
Zameen.com |
A Bangladeshi hacker going with the handle of Tiger Mate hacks and defaces one of Pakistan’s largest real estate websites Zameen.com. The hacker has also leaks the site’s entire database online. |
Defacement |
Real Estate |
CC |
PK |
35 |
29/05/2016 |
Stealth Falcon |
Emirati Journalists, Activists and Dissidents |
The University of Toronto reveals the details of a cyber-espionage group codenamed Stealth Falcon, using a combination of home-cooked malware and social engineering tactics to spy on Emirati journalists, activists, and dissidents. |
Targeted Attack |
Single Individuals |
CE |
AE |
36 |
29/05/2016 |
OilRig |
Saudi Arabian financial institutions and technology organizations |
Researchers from Palo Alto Networks reveal the details of a cyber-espionage campaign named OilRig, targeting Saudi Arabian financial institutions and technology organizations. |
Account Hijacking |
Finance Industry: Technology |
CE |
SA |
37 |
29/05/2016 |
? |
Transport for NSW |
Transport for NSW says it is investigating a “compromise” of the TrainLink website’s reservations system, which is since then shut down. The company states that no personal data or credit card has been compromised. |
Unknown |
Transport |
CC |
AU |
38 |
30/05/2016 |
Peace |
Tumblr |
65 million passwords of Tumblr are on sell on the underground. The company admitted to have suffered a breach on May 12. |
Unknown |
Social Network |
CC |
US |
39 |
30/05/2016 |
@sw@ylol |
Katy Perry’s Twitter Account (@katyperry) |
Katy Perry’s Twitter account is taken over by a hacker dubbed @sw@ylol, sending out a series of bizarre Tweets to the pop star’s 89 million-plus followers. |
Account Hijacking |
Single Individual |
CC |
US |
40 |
30/05/2016 |
World Hacker Team (WHT) |
National Oil Corporation of Kenya |
World Hacker team hacks the National Oil Corporation of Kenya and posted a link online containing the database dump. |
SQLi |
Industry: Energy |
H |
KE |
41 |
31/05/2016 |
@FkPoliceAnonOps |
Spanish Police Department |
@FkPoliceAnonOps hacks the Spanish Police Department and leaks personal details of 5,000 Spanish police officers online. |
SQLi |
Law Enforcement |
H |
ES |
42 |
31/05/2016 |
MitM3R |
umoveindia.com |
MitM3R hacks umoveindia.com and dumps 18,416 records with usernames and hashed passwords. |
Unknown |
Real Estate |
CC |
IN |
43 |
13-19/05/2016 |
Anonymous |
18 banks including, Bank of Scotland, Bank of France, five US Federal Reserve branches |
Special Mention of the month: In name of OpIcarus, Anonymous affiliated hackers have continued their DDoS campaign on international financial institutions. The hacktivist collective attacked 18 banks between 13 and 19 May. Apart from the New York stock exchange, Bank of Scotland, Bank of France, five US Federal Reserve branches, among others were targeted by the collective. |
DDoS |
Finance |
H |
>1 |