Last Updated on July 7, 2016

It’s time to publish the fist timeline of June. I know that the latest timelines are published a little bit late, however this month the number of registered attacks is considerably higher than the average.

Is it maybe a consequence of the trail of mega breaches that seems endless and continued in this month? Probably it is, since the list of the victims include: Badoo, (100 million records), Twitter (32 million), iMesh (51 million), several forums hosted by Verticalscope (45 million), and JTB (8 million).

Another interesting trend of this month concerns the hijacking of Twitter accounts, which made some famous victims such as Keith Richards, Mark Zuckenberg, Kylie Jenner and Drake.

And while the Anonymous continued their OpIcarus (actually it entered phase II dubbed Project Mayhem), the chronicles also report some interesting cyber espionage events, such as a new advanced malware, whose modus operandi closely remind Stuxnet (dubbed Irongate), the return of the Gaza Hacker Team crew, yet another massive operation against South Korea carried on by Pyongyang, and the hack of the Democratic National Committee allegedly carried on by Russian speaking attackers.

As usual, scroll down the timeline for the details of the events (and be patient this time, since it’s longer than usual), and if you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014, 2015 and, in a bit, 2016 (regularly updated). You may also want to have a look at the Cyber Attack Statistics that are regularly published, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Additionally, if you want, you can access the timeline in Google Sheet format: spreadsheets-32

 IDDateAuthorTargetDescriptionAttackTarget ClassAttack ClassCountry
101/06/2016? contacts users to warn them of a security breach. Unknown attackers took control of their web server to hijack initial password configuration emails.Undisclosed VulnerabilityOrg: SoftwareCCUS
201/06/2016?Several Road Signs in the USA number of road signs in the US falls victim to a politically-motivated ‘hack’ attack after being altered to show messages relating to presidential candidates Donald Trump and Bernie Sanders.UnknownRoad SignsCCUS
301/06/2016?Saudi ArabiaA new strain of Android spyware is identified that specifically targets security professionals in Saudi Arabia seeking jobs within the government and military. The malware is dubbed Android/ChatSpy.Targeted AttackGovernmentCESA
401/06/2016Ghost Squad mail.cnn.comMembers of the Ghost Squad Hackers team, one of Anonymous’ former subdivisions, take down CNN and FOX News as part of a new hacktivism campaign dubbed OpSilence. DDoSNewsHUS
502/06/2016?BadooUser accounts for dating site Badoo are being traded in the digital underground, including email address, cracked passwords, names, and dates of birth.UnknownSocial NetworkCCCN
602/06/2016?Taiwan’s ruling Democratic Progressive Party (DPP)The website of Taiwan’s ruling Democratic Progressive Party is under attack from cyber spies seeking to profile visitors to the site, part of a campaign to get information about the party’s policies following its election victory in January.Targeted AttackOrg: Political PartyCETW
702/06/2016?10,000 WordPress WebsitesMore than 10,000 WordPress websites are infected by attackers exploiting an unpatched vulnerability in a widely used plugin called WP Mobile Detector, security researchers warned.WordPress Plugin Vulnerability>1CC>1
802/06/2016AnonymousLondon Stock Exchange (LSE)Hackers affiliated to the Anonymous collective claim to have taken down the London Stock Exchange in name of OpIcarus.DDoSFinanceHUK
903/06/2016?>1FireEye threat researchers discover a complex malware instance that borrows tricks from Stuxnet and is specifically designed to work on Siemens industrial control systems. The malware is dubbed “Irongate”.Targeted Attack>1CEN/A
1003/06/2016?CiCi’s PizzaCiCi’s Pizza, an American fast food business with more than 500 stores in 35 US states, appears to be the latest restaurant chain to struggle with a credit card breach.PoS MalwareIndustry: RestaurantCCUS
1103/06/2016AnonymousWesizweIn name of #OpAfrica, the Anonymous dump online data claimed to come from a database obtained from Wesizwe. SQLiIndustry: MiningHZA
1203/06/ hacks and dumps 35,195 recordsUnknownIndustry: E-CommerceCCUK
1304/06/2016GhostShell110 MongoDB ServersGhostShell leaks a collection of database dumps, which he claims he obtained from 110 misconfigured MongoDB servers (36 million user records). MongoDB Vulnerability>1CC>1
1404/06/2016?TeamViewerUsers of the remote login service TeamViewer report their computers have been ransacked by attackers who somehow gained access to their accounts.Account HijackingIndustry: SoftwareCCDE
1504/06/2016?BitGoA massive DDoS attack hits BitGo, a service that describes itself as the most secure Bitcoin wallet solution available today.DDoSBitcoin WalletCCUS
1604/06/2016bRpsdwtspy.combRpsd hacks and dumps 244,487 records.UnknownIndustry: SoftwareCCUS
1705/06/2016PakistanIndiaFireEye security researchers discover a new wave of attacks against Indian government officials, linked to Pakistan. Targeted AttackGovernmentCEIN
1805/06/2016?Keith Richards Twitter Account (@officialKeef)Keith Richards has his Twitter account hacked.Account HijackingSingle IndividualCCUK
1905/06/2016?Tenacious D Twitter Account (@RealTenaciousD)Tenacious D, Jack Black’s music group, have their Twitter Account hacked and post the fake news of Jack Black’s death.Account HijackingSingle IndividualsCCUS
2005/06/2016?Sh0ping[.]suSh0ping[.]su, a platform known for selling stolen accounts on the dark market is hacked. The attackers leak 16,000 stolen accounts, 15,000 accounts taken from other sites, and 9,000 credit cards.UnknownDark Market PlatformCCN/A
2105/06/2016? database, made of 252,951 records is dumped on the dark net.UnknownOnline ServicesCCAU
2206/06/2016Tessa88VK.comRussian social networking site appears to have been breached in 2012 with hackers selling some 100 million records for a mere US$580 in Bitcoins.UnknownHacker ForumCCRU
2306/06/2016@2aiden3Drake’s Twitter account (@Drake)Drake’s Twitter account was taken over by an account called @2aiden3Account HijackingSingle IndividualCCUS
2406/06/2016?Kylie Jenner’s Twitter account (@KylieJenner)Kylie Jenner is the latest celebrity to have her Twitter account hacked.Account HijackingSingle IndividualCCUS
2506/06/2016OurMine TeamMark Zuckerberg’s Twitter and Pinterest AccountsA hacker or hacking group going by the name of “OurMine Team” briefly takes control of Facebook chief Mark Zuckerberg’s Twitter and Pinterest accounts, apparently using information from a major LinkedIn security breach that occurred in 2012.Account HijackingSingle IndividualCCUS
2607/06/2016?TwitterThe same hacker who had links to the recent MySpace, LinkedIn, and Tumblr data breaches, claims to have obtained a database from Twitter, which includes email addresses (and sometimes two per person), usernames, and plain-text passwords.Tessa88 is selling the cache for 10 bitcoins, or about $5,820 at the time of writing.UnknownSocial NetworkCCUS
2707/06/2016?Lorrie CranorLorrie Cranor, FTC’s chief technologist gets her mobile phone number hijacked by ID thiefAccount HijackingSingle IndividualCCUS
2807/06/2016?US visa applicants in SwitzerlandF-Secure reveals the details of a campaign targeting US visa applicants in Switzerland. The unknown malware is called Qarallaz RAT or QRAT, and is being distributed via Skype by an unknown entity posing as a US government officialTargeted AttackSingle IndividualsCCCH
2907/06/2016?George Harrison Twitter Account (@GeorgeHarrison)George Harrison’s Twitter account is hacked but the hacker didn’t know he was dead. Account HijackingSingle IndividualCCUK
3008/06/2016?@NFL Twitter AccountOnline miscreants take over the National Football League’s Twitter account and usedit to falsely report the death of league commissioner Roger Goodell.UnknownOrg: Sport LeagueCCUS
3108/06/2016?CastoramaFrench DIY goods store Castorama pull its website offline after unknown attackers manipulated the site search function to suggest rude versions of household appliances.UnknownIndustry: RetailCCFR
3208/06/2016?UTorrent ForumHackers obtain 34,000 user accounts for the UTorrent forum of popular data trading software BitTorrentUnknownBitTorrentCCN/A
3309/06/2016Anonymousbilderbergmeeting.orgIn name of Project Mayhem, the phase 3 of OpIcarus, the Anonymous take down the official website of the Bilderberg Group, a controversial and highly secretive conference held with the so-called ‘political elite’ alongside experts from academia and finance.DDoSOrg: FinanceHIE
3409/06/ (Romania Stock Exchange)As part of the same operations, the Anonymous take down the Romania Stock Exchange (
3509/06/2016NSAUnknown Government-Linked Louisiana DatabaseA hacker under the pseudonym NSA puts on sale on the dark web a database that purports to hold over a quarter of a million driver licence records compromised from a government-linked databases in Louisiana, United States.UnknownGovernmentCCUS
3609/06/2016United Cyber CaliphateThousands of IndividualsThe United Cyber Caliphate (UCC) releases its latest “kill list”. The list, which targets thousands of individuals and includes crucial personal information such as names and addresses, is believed to be the longest ever published by an Isis-affiliated group.UnknownSingle IndividualsCW>1
3709/06/2016?DAC GroupDAC Group suffers a security breach resulting in data theft of 93,000 customer accounts. The data also contains 77,000 accounts from State Farm, an Insurance company.UnknownIndustry: Digital Content and MarketingCCCA
3810/06/2016?DeRay Mckesson’s Twitter Account (@deray)Black Lives Matter activist and politician DeRay Mckesson has his Twitter account hacked.Account HijackingSingle IndividualCCUS
3910/06/2016Caliphate Cyber ArmyArkansas Library AssociationThe Caliphate Cyber Army (CCA) leaks details of 800 library workers from the Arkansas Library Association (ALA). UnknownOrg: CultureCWUS
4010/06/2016Faisal 1337Karnataka State Police official website of the Karnataka State Police ( is defaced by a Pakistani hacker dubbed Faisal 1337 from Team Pak Cyber Attackers. The hackers posts a Pakistani flag on the home page and some provocative messages.DefacementLaw EnforcementCWIN
4111/06/2016WauchulaGhostPro-ISIS Twitter AccountsAnonymous member WauchulaGhost reveals to have taken over Twitter accounts for ISIS supporters and defaced them with adult-themed images. Account HijackingOrg: TerrorismHN/A
4211/06/2016Gaza Hacker TeamGovernmentClearSky reveals its first report about Operation DustSky, which sets the comeback of the Gaza Hacker Team with a new wave of attacks against Israel, US, Palestine, Egypt and Saudi Arabia.Targeted AttackGovernmentCE>1
4311/06/ and Kurdish hacker using the name MuhmadEmad defaces five Dell subdomains and leaves anti-Turkey and anti-ISIS messages on the sites. DefacementIndustry: Computer HardwareHUS FR IE UK NL
4411/06/2016Romantic Intruder8 Indian Government WebsitesTwo Pakistani hackers dubbed Romantic and Intruder deface eight Indian government websites including the Embassy of India in Turkey, the embassy of India in Greece, the embassy of India in Mexico, the consulate General of India in Brazil, the embassy of India in Romania, the Embassy of India in Tajikistan, and the High Commission of India in South Africa. DefacementGovernmentCWIN
4512/06/2016?University of Greenwich ( what looks like an act of revenge from an ex-student or staff (still unclear) the server of Greenwich University is breached and completely leaked online.UnknownEducationCCUK
4612/06/2016?South African Broadcasting CorporationThe South African Broadcasting Corporation (SABC), the country’s official state news broadcaster, confirms that it suffered a wave of cyberattacks orchestrated by a hacktivist aligned with the Anonymous collective.DDoSIndustry: BroadcastHZA
4712/06/2016W0rmforum.onverse.comW0rm hcks and dumps 6.051 accounts.UnknownOnline ForumCCUS
4813/06/2016North KoreaSouth KoreaNorth Korea hacked into more than 140,000 computers at 160 South Korean firms and government agencies, planting malicious code under a long-term plan laying groundwork for a massive cyber attack against its rival. The hacking began in 2014 and was detected in February.Targeted Attack>1CWKR
4913/06/2016?iMesh51 Million user accounts for iMesh, a now defunct file sharing service, are put on sale on the dark web.UnknownFile SharingCCUS
5013/06/2016?Thousands legitimate websitesImperva researchers discover a long-running campaign that has been exploiting vulnerabilities in thousands of legitimate websites to increase SEO results for illicit websites.SEO Poisoning>1CC>1
5114/06/2016Guccifer 2.0 (Russian affiliated hackers)Democratic National CommitteeRussian government hackers penetrate the computer network of the Democratic National Committee and gain access to the entire database, dumping a 231-page document purporting to be opposition research into Donald Trump.UnknownOrg: Political PartyCWUS
5214/06/2016?GithubSomeone using what appears to have been a list of e-mail addresses and passwords obtained from the breach of “other online services” makes a massive number of login attempts to GitHub’s repository .service.Brute ForceIndustry: SoftwareCCUS
5314/06/2016?Several forums hosted by VerticalScopeAn unknown hacker steals tens of millions of accounts from over a thousand popular forums. The stolen database contains close to 45 million records from 1,100 websites and forums hosted by VerticalScope.UnknownIndustry: MediaCCCA
5414/06/ (Muslim Broterhood English Website)A hacker going by the handle of SkyNetCentral conducted a series of distributed denial-of-service (DDoS) attack on the official website of Society of the Muslim Brothers or Muslim Brotherhood. The attacker also hacks some data.DDoSOrg: ReligionCCUS
5514/06/2016Sofacy (APT)US GovernmentPalo Alto Networks reveals the details of a cyberespionage group called Sofacy, which has launched a fresh attack against the US government, using a “new persistence mechanism” designed to help evade detection. Targeted AttackGovernmentCEUS
5614/06/2016Anonymous AfricaEFF ZANU-PFAnonymous Africa takes down EFF and ZANU-PF, two black nationalist political parties in South Africa and Zimbabwe. DDoSOrg: Political PartyHZA ZW
5714/06/2016?Vermont Department of Fish and Wildlife (FWD)The Vermont Department of Fish and Wildlife (FWD) posts a notice for a suspected security breach related to the on-line purchase of licenses and tags from the Department.UnknownGovernmentCCUS
5815/06/2016?>1Kaspersky Lab researchers investigate xDedic marketplace, a global forum where cybercriminals sell access to compromised servers for as little as $6 each. The forum appears to be run by a Russian-speaking group and lists 70,624 hacked Remote Desktop Protocol (RDP) servers for sale.Unknown>1CC>1
5915/06/2016?JTBJapan’s major travel agency JTB admits to have suffered a cyberattack which it fears has led to the theft of data belonging to 7.93 million users.UnknownIndustry: Travel AgencyCCJP
6015/06/2016?AcerAcer informs the California attorney general that its online store was attacked by hackers. An unauthorized outside party has taken a year’s worth of full credit card data, names and addresses between mid-May 2015 and late-April this year.UnknownIndustry: Computer HardwareCCTW
6115/06/2016Mofang (China)>1Fox-IT reveals the details of Mofang (“to imitate” in Chinese), a newly discovered cyber-espionage group that targeted various countries around the globe since February 2012, when the group’s main malware, called ShimRat, was found the first time. Targeted AttackBitcoin ExchangeCE>1

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.