Last Updated on August 8, 2016

It’s time to publish the first timeline of July, covering the main cyber attacks that occurred between July 1st and 15th, 2016.

I seriously believe, at this point, that 2016 will be inevitably remembered for the number of databases hacked and in several cases popping up in the Dark Web. Every month is bringing new victims, and July is no exception unfortunately (at least the first fifteen days).

The list of the noticeable victims of this month includes: ubuntuforums.org (2 Million accounts leaked), Netia (a Polish ISP that had the entire customer base leaked), Shadi.com (a dating website that suffered the leak of 2M accounts), the media company Penton (5 databases leaked for a total of 1.4 million passwords) and MTN Irancell (this latter is really massive since the leaked data amounts to 20 Million customers).

At the same time: Marissa Mayer and Jack Dorsey joined the hall of shame (both of them had their Twitter account hacked), hacktivists took a summer break as this fortnight just showed a couple of operations (against Zimbabwe and South Africa), and, although there were several cyber espionage operations, none of them deserved a special mention.

As usual, scroll down the timeline for the details of the events (and be patient this time, since it’s longer than usual), and if you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014, 2015 and, in a bit, 2016 (regularly updated). You may also want to have a look at the Cyber Attack Statistics that are regularly published, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Additionally, if you want, you can access the timeline in Google Sheet format.

| ID | Date | Author | Target | Description | Attack | Target Class | Attack Class | Country |
|---|---|---|---|---|---|---|---|---|
| 1 | 01/07/2016 | ? | MTN Irancell | Law enforcers in Iran arrest a 19-year-old IT graduate for leaking personal data belonging to 20M ‘MTN Irancell’ customers in an elaborate scheme orchestrated with the help of the smartphone application Telegram. The database was allegedly stolen 3 years ago. | Unknown | Industry: Telco | CC | IR |
| 2 | 01/07/2016 | ? | Three Unnamed Hospitals | TrapX releases a new report revealing the details of three new attacks related to Medjack, an attack that relies on exploiting existing medical devices that run outdated software in order to enter the secure network of a healthcare unit. | Targeted Attack | Healthcare | CC | N/A |
| 3 | 01/07/2016 | aLem! | Official website of Arizona State, Arizona House of Representatives and Arizona State Legislature | A hacker called aLem! defaces the websites of Arizona State, Arizona House of Representatives and Arizona State Legislature. | Defacement | Government | CC | US |
| 4 | 01/07/2016 | hackermanfrisch | Sovereign Order of Malta | A hacker dubbed hackermanfrisch claims to have hacked the website of the Sovereign Order of Malta and leaks 1,786 login credentials in plaintext. | Unknown | Org: Religion | CC | N/A |
| 5 | 01/07/2016 | ? | DID Electrical (DID.ie) | DID Electrical reveals that more than 300 people have had card details stolen after online security breach. The attack happened between June 15 and June 26. | Unknown | Industry: Retail | CC | IE |
| 6 | 01/07/2016 | TheDarkOverlord | Unknown Healthcare Database | TheDarkOverlord puts up for sale a new healthcare database containing the data of about 24,000 patients. | Unknown | Healthcare | CC | US |
| 7 | 03/07/2016 | ? | North Carolina State University | An external attacker uses a phishing scam to break into a North Carolina State University email account containing personally identifiable information of 38,000 individuals. | Account Hijacking | Education | CC | US |
| 8 | 04/07/2016 | ? | Trillian | Cerulean Studios reveal to have discovered a breach affecting their Blog and Forums. The breach affects potentially 3M records and could possibly date back to December 2015. | vBulletin Vulnerability | Industry: Software | CC | US |
| 9 | 04/07/2016 | ? | Several Danish Companies | Researchers at Heimdal Security reveal the details of a spear phishing campaign targeting specifically Danish Business Organizations. | Targeted Attack | >1 | CE | DK |
| 10 | 04/07/2016 | PoodleCorp | LeafyIsHere YouTube Channel | PoodleCorp hacks LeafyIsHere, a popular YouTube Channel with >3M subscribers and defaces the main page. | Account Hijacking | YouTube Channels | CC | US |
| 11 | 05/07/2016 | ? | topbutton.com | The database of topbutton.com is leaked in the Dark Net. | Unknown | Social Network | CC | US |
| 12 | 06/07/2016 | Guccifer 2.0 | US Democratic Party | Guccifer 2.0 leaks more documents from the computer networks of the US Democratic Party and exposes plans to spend more than $800,000 (£614,660) on a “counter-convention” in an attempt to hijack the upcoming Republican National Convention (RNC). | Unknown | Org: Political Party | CE | US |
| 13 | 06/07/2016 | OurMine | Wikileaks | Because of a spat with the Anonymous, OurMine take down the Wikileaks website. | DDoS | Org: Hacktivism | CC | N/A |
| 14 | 06/07/2016 | ? | Twitter Account for NASA’s Kepler (@NASAKepler) | The official Twitter account for NASA’s Kepler (@NASAKepler) is hacked and posts an offending image and a dodgy link. | Account Hijacking | Government | CC | US |
| 15 | 06/07/2016 | Anonymous | Several Zimbabwe Websites | In name of #ZimShutDown2016 or #ShutDownZimbabwe, the Anonymous take down the websites of the country’s official portal (zim.gov.zw), ZANUPF – Zimbabwe African National Union- Patriotic Front (Zanu-PF) and Zimbabwe Broadcasting Corporation (zbc.co.zw). | DDoS | Government | H | ZW |
| 16 | 07/07/2016 | Pravyy Sector | Netia | A Ukrainian hacker going by the handle of Pravy Sektor (right sector) breaches the servers of Poland’s telecom company Netia SA and leaks a 14GB file containing customers’ details. | SQLi | Industry: Telco | CC | PL |
| 17 | 07/07/2016 | @0x2Taylor | Baton Rouge Police (brgov.com) | In retaliation for the Alton Sterling killing, a hacker called @0x2Taylor hacks the Baton Rouge city government’s servers and leaks 50,000 Baton Rouge Police records. | Account Hijacking | Government | H | US |
| 18 | 07/07/2016 | APT “Patchwork” | >1 | Cymmetria Research releases a new report about a new APT dubbed “Patchwork” tied to Southeast Asia and the South China Sea, targeting governments and entities around the world including the U.S. | Targeted Attack | Government | CE | >1 |
| 19 | 07/07/2016 | APT “Pacifier” | Several Countries | BitDefender reveals the details of “Pacifier”, a malicious actor targeting Romanian institutions and other foreign targets in countries such as Iran, India, the Philippines, Russia, Lithuania, Thailand, Vietnam, and Hungary. | Targeted Attack | >1 | CE | >1 |
| 20 | 08/07/2016 | ? | Datadog | Datadog, the software-as-a-service monitoring and analytics platform, is hit by hackers and strongly suggests that customers initiate password resets. | Unknown | Industry: System Monitoring | CC | US |
| 21 | 08/07/2016 | uid0 | 5 databases belonging to the media company Penton (Web Hosting Talk, Mac Forums, HotScripts.com, dBforums, and A Best Web) | Someone who goes by the name “uid0” allegedly steals more than 1.4 million passwords, email addresses, and other data from the databases of popular forums including Web Hosting Talk, and Mac Forums and HotScripts, and offers to sell the databases on the dark web underground market The Real Deal for a combined 7.2 bitcoin (approximately $4,752 at the current conversion rate). | Account Hijacking | Industry: IT Services and Marketing | CC | US |
| 22 | 08/07/2016 | OurMine | Twitter accounts associated with Yahoo boss Marissa Mayer and the site’s co-founder Jack Dorsey | OurMine hacks the Twitter accounts associated with Yahoo boss Marissa Mayer and the site’s co-founder Jack Dorsey. | Account Hijacking | Single Individuals | CC | US |
| 23 | 08/07/2016 | JokerStash | Omni Hotels, Noodles & Company | Omni Hotels & Resorts announces that point-of-sale systems at “some Omni properties” were infected with malware designed to collect payment card data, including cardholder names, credit or debit card numbers, security codes and expiration dates. 49 of Omni’s 60 North American hotels were affected, and over 50,000 payment cards were leaked online. | PoS Malware | Industry: Hotel and Hospitality | CC | US |
| 24 | 08/07/2016 | 0x2Taylor | Amazon | 0x2Taylor claims to have breached the servers of Amazon, and leaks the login credentials of 80,000 Kindle users. The company denies the breach and declares the data was not stolen from its servers and is not legitimate. | Unknown | Industry: E-Commerce | CC | US |
| 25 | 08/07/2016 | ? | oshoworld.com | An anonymous hacker dumps on the Dark Web the database of topcon.com containing 85K records. | Unknown | Industry: E-Commerce | CC | CA |
| 26 | 09/07/2016 | ? | topcon.com | An anonymous hacker dumps on the Dark Web the database of topcon.com containing 21K records. | SQLi | Industry: Optical Components | CC | JP |
| 27 | 09/07/2016 | ? | ingersollrandproducts.com | An anonymous hacker hacks ingersollrandproducts.com and leaks 14K usernames and hashed passwords. | SQLi | Industry: Mechanical Components | CC | US |
| 28 | 10/07/2016 | ? | Shadi.com | Another Muslim Dating Website hacked. This time it’s the turn of shadi.com, which suffers 2M accounts dumped online, including clear text passwords. | Unknown | Dating | CC | US |
| 29 | 11/07/2016 | Anonymous | Armscor (armscor.co.za) | In name of OpAfrica, hackers affiliated to the Anonymous collective hack armscor, a Pretoria based arms procurement agency, and leak 63 MB data in HTML files that include invoices numbers, order numbers, invoice amount and other data from Airbus, Thales group, Rolls Royce, EADS, Denel etc. Armscor denies that classified data was stolen though. | SQLi | Industry: Arms Procurement | H | ZA |
| 30 | 11/07/2016 | Dropping Elephant | Asian Region | Kaspersky Lab researchers reveal the details of a threat actor undertaking aggressive cyber espionage activity in the Asian region, targeting multiple diplomatic and government entities with a particular focus on China and its international affairs. The group is dubbed Dropping Elephant or Chinastrats. | Targeted Attack | Government | CE | >1 |
| 31 | 12/07/2016 | OurMine | HSBC | Hacker group OurMine claims that it temporarily took down the servers of HSBC in the US and the UK. | DDoS | Finance | CC | UK |
| 32 | 12/07/2016 | ? | UK Network Rail | Security firm DarkTrace reveals that four major cyberattacks have been reported on UK railway computer networks over the past year. | Unknown | Utility: Network Railway | CC | UK |
| 33 | 12/07/2016 | ? | Top Eight Banks in Taiwan including Bank of Taiwan, Chang Hwa Bank, First Bank. | The top eight banks in Taiwan have been forced to shut down activity on hundreds of ATMs after a coordinated group of thieves used malware to steal NT$70 million ($2.17m, £1.64m, €1.9m) in cash. | Malware | Finance | CC | TW |
| 34 | 12/07/2016 | ? | 68 Philippines Government Websites | In the same day the permanent court at The Hague rules for Philippines in the dispute against China for the islands in the West Philippine Sea, 69 Philippines Government Websites are taken down by a DDoS attack. | DDoS | Government | CW | CN |
| 35 | 12/07/2016 | ? | Anhui Women and Children Health Hospital | Unknown hackers steal nearly 6,000 private videos of newborn babies and upload them to a video-sharing website. | Unknown | Healthcare | CC | CN |
| 36 | 12/07/2016 | TheDarkOverlord | Unnamed Healthcare Software Company | The Dark Overlord offers the source code, software signing keys, and customer license database for a firm that develops and markets healthcare software. | Unknown | Industry: Software | CC | US |
| 37 | 12/07/2016 | SonnySpooks | threedollarclick.com fourdollarclick.com sevendollarclick.com | In a rage of hacking SonnySpooks hacks threedollarclick.com, fourdollarclick.com and sevendollarclick.com and dumps more than 200K records with usernames and hashed passwords. | Unknown | Online Services | CC | PA |
| 38 | 12/07/2016 | SonnySpooks | acparadise.com | SonnySpooks leaks the entire database of acparadise.com made of 55K records including username and passwords. | Unknown | Social Network | CC | US |
| 39 | 12/07/2016 | SonnySpooks | pingpong.su | SonnySpooks leaks the entire database of pingpong.su made of 57K records including username and passwords. | Unknown | Industry: E-Commerce | CC | RU |
| 40 | 12/07/2016 | SonnySpooks | wii-records.com | SonnySpooks leaks the entire database of wii-records.com made of 18K records including username and passwords. | Unknown | Online Forum | CC | CA |
| 41 | 13/07/2016 | China? | Federal Deposit Insurance Corporation (FDIC) | A report published by the House Committee on Science, Space and Technology found that hackers purported to be from China had compromised computers at the Federal Deposit Insurance Corporation repeatedly between 2010 and 2013. Unfortunately the Incident was never reported. | Targeted Attack | Government | CE | US |
| 42 | 14/07/2016 | ? | ubuntuforums.org | Popular Ubuntu Forum ubuntuforums.org is hacked and 2 million user details that includes usernames, email addresses, and IP addresses are stolen. | SQLi | Org: Software | CC | ZA |
| 43 | 14/07/2016 | Pravyy Sector | Poland’s Defence Ministry | This time Pravyy Sector threatens to release data stolen from Poland’s Defence Ministry if the government doesn’t pay $50,000. The hacker shows a proof of the data he allegedly accessed. | Unknown | Government | CC | PL |
| 44 | 14/07/2016 | Guccifer 2.0 | Democratic National Committee (DNC) | Guccifer 2.0 leaks more documents reportedly stolen from the computer networks of the Democratic National Committee (DNC), including opposition research, political donor lists and internal memos. | Unknown | Org: Political Party | CC | US |
| 45 | 14/07/2016 | ? | Steemit | Social media site Steemit temporarily shuts down after a major hack. The attackers compromise 260 accounts and make off with $85,000 worth of cryptocurrency. | Unknown | Social Network | CC | US |
| 46 | 15/07/2015 | ElSurveillance | AfrikaDating.com | ElSurveillance continues his #EscortsOffline campaign and leaks 12,738 user records from afrikadating.com. | Unknown | Escort Services | H | UK |
| 47 | 15/07/2015 | ElSurveillance | AdultSingleSites.com.au | In name of the same campaign ElSurveillance leaks 67.118 user records from adultsinglesites.com.au. | Unknown | Escort Services | H | AU |
| 48 | 15/07/2015 | ElSurveillance | PinkDate.co.uk | In name of the same campaign ElSurveillance leaks 67.118 user records from PinkDate.co.uk. | Unknown | Escort Services | H | UK |
