Last Updated on September 28, 2016
Autumn is here! Unluckily, its winds were not strong enough to sweep away the trail of mega breaches that are the most remarkable infosec trend of this troubled 2016. Yes, it's true, this timeline covers only the first two weeks of September, and apparently the number of attacks decreased in comparison with the previous two months. However, the damage report includes 100 million accounts from Rambler.ru, 43 million from Last.fm, 33 million from QIP.ru, and 2.2 million from ClixSense. Is this enough? Unfortunately not (ask Yahoo!).
Other remarkable events include the hack of the World Anti-Doping Agency (WADA) by the infamous APT28 (AKA Fancy Bear), with the consequent leak of sensitive data on athletes, and the massive DDoS against Linode. As usual, if you want to get an idea of how fragile our electronic identity is in cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014, 2015 and, in a bit, 2016 (regularly updated). You may also want to have a look at the Cyber Attack Statistics that are regularly published, and follow @paulsparrows on Twitter for the latest updates. Last but not least, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts), and if useful, you can access the timeline in Google Sheet format:
| ID | Date | Author | Target | Description | Attack | Target Class | Attack Class | Country |
|---|---|---|---|---|---|---|---|---|
| 1 | 01/09/2016 | ? | Last.fm | More than 43 million user records from UK-based music streaming service Last.fm surfaced from a hack that occurred in 2012. Each record reportedly contains a username, email address, hashed password and profile data. | Unknown | Online Music | CC | UK |
| 2 | 01/09/2016 | APT3 | 2 Hong Kong Government Agencies | Security company FireEye reveals that two Hong Kong government agencies have come under attack from cyberspies originating in China in the month leading up to Sunday's legislative elections. | Targeted Attack | Government | CE | HK |
| 3 | 01/09/2016 | ? | Btc-E.com | LeakedSource reveals that Btc-E.com had 568,355 users hacked in October of 2014. Data contains usernames, emails, passwords, IP addresses, register dates, languages and some internal data such as how many coins the user had. | Unknown | Bitcoin Exchange | CC | US |
| 4 | 01/09/2016 | ? | Bitcointalk.org | LeakedSource reveals that Bitcointalk.org had 499,593 users hacked in May of 2015. Data contains usernames, emails, passwords, birthdays, secret questions, hashed secret answers and some other internal data. | Unknown | Online Forum | CC | US |
| 5 | 01/09/2016 | ? | University of New Mexico | Over 1,000 former students and employees of UNM have their identities stolen from a University database. After a month of silence, UNM establishes a call center to assist victims of the incident. | Unknown | Education | CC | US |
| 6 | 01/09/2016 | ? | Transmission BitTorrent Client | Developers of the Transmission BitTorrent client admitted that hackers replaced downloads of its file-sharing software with trojanized code. The hack, detected within hours, was designed to spread a Mac OS X backdoor, Keydnap, which steals user credentials. It's unclear how many people were affected. | Account Hijacking | Org: Software | CC | US |
| 7 | 01/09/2016 | Ghost Squad Hackers (GSH) | 12 websites belonging to the Afghan government | Hacktivist group Ghost Squad Hackers (GSH) defaced 12 websites belonging to the Afghan government. | Defacement | Government | H | AF |
| 8 | 01/09/2016 | Expl.oit AKA Exploit | exilemod.com | A group of hackers going by the online handle of "Expl.oit" or "Exploit" hacks the official website of the Exile Mod gaming forum and leaks personal details of 11,902 registered users. | SQLi | Online Forum | CC | DE |
| 9 | 01/09/2016 | ? | manaliveinc.org | The non-profit organization Man Alive is hacked, and a patient database with sensitive personal and treatment information is put up for sale on the dark web. | Unknown | Org: Non-Profit | CC | US |
| 10 | 01/09/2016 | websites-hunter AKA @websitehunter | Al Zahra Private Medical Centre (alzahra.com) | The Al Zahra Private Medical Centre is hacked by an individual calling himself websites-hunter, who dumps the database online. | Unknown | Healthcare | CC | UAE |
| 11 | 02/09/2016 | ? | Linode | Linode reports the first of a series of DoS attacks on September 2nd, September 4th and September 5th. Another round will strike the company on Saturday, September 10th. Some of the attacks lasted up to eight hours. | DDoS | Industry: Hosting Provider | CC | US |
| 12 | 02/09/2016 | ? | Hutton Hotel | Hutton Hotel reports a breach of its payment card system, warning guests that their information may have been compromised. | Malware | Industry: Hotel and Hospitality | CC | US |
| 13 | 02/09/2016 | Anti-Armenia Team | Armenian Government | Azerbaijani hacktivists from Anti-Armenia Team leak the passport details of foreign visitors to Armenia and more after breaking into Armenian government servers. | Unknown | Government | H | AM |
| 14 | 02/09/2016 | ? | Lightspeed | Point-of-sale vendor Lightspeed is breached, with passwords, customer data, and API keys possibly exposed, and notifies customers in an email saying that the information was contained in a compromised database. | Unknown | Industry: Software | CC | CA |
| 15 | 03/09/2016 | OurMine | Variety | Entertainment news site Variety is briefly taken over by the infamous hacker group OurMine. The hacking collective manages to break into Variety's content management system and defaces the site with a post of their own claiming responsibility for the attack. The group also floods the site's email subscribers' inboxes with dozens of identical emails. | Account Hijacking | News | CC | US |
| 16 | 03/09/2016 | Spain Squad | Twitter | A group of hackers dubbed Spain Squad claims to have found a way to seize inactive and suspended Twitter accounts, and sells them on the social network. | Unknown Vulnerability | Social Media | CC | US |
| 17 | 03/09/2016 | Myrotvorets | Ukrainian alleged pro-Russian Journalists | Myrotvorets, a group of Ukrainian nationalist hackers, leaks the personal details of local journalists they consider pro-Russian for the second time in four months. | Account Hijacking | Single Individuals | H | UA |
| 18 | 05/09/2016 | ? | Brazzers | Nearly 800,000 accounts for popular porn site Brazzers have been exposed in a data breach. | Unknown | Adult Site | CC | US |
| 19 | 06/09/2016 | DayKalif | Rambler.ru | Nearly 100 million usernames and passwords from the Russian internet giant Rambler surface online in the latest in a long line of hacks that first occurred back in 2012. | Unknown Vulnerability | Industry: Internet Services | CC | RU |
| 20 | 06/09/2016 | ? | University of Alaska | University of Alaska officials announce that an attacker using employee credentials may have accessed student information of approximately 5,400 individuals. | Account Hijacking | Education | CC | US |
| 21 | 07/09/2016 | North Korea? | Project on Crowdsourced Imagery Analysis (geo4nonpro.org) | Servers belonging to the Project on Crowdsourced Imagery Analysis (PCIA), hosting data about nuclear tests, have been the subject of DDoS attacks just two days before North Korea's most recent nuclear tests. | DDoS | Org: Non-Profit | CW | US |
| 22 | 07/09/2016 | Aslan Neferler Tim or Lion Soldiers Team | Vienna Airport | Austrian police investigate a failed cyberattack on Vienna's airport, saying they are looking into the authenticity of a claim of responsibility from a Turkish nationalist group. | Unknown | Airport | H | AT |
| 23 | 07/09/2016 | ? | Hutton Hotel | The Hutton Hotel says it engaged a third-party cyber security firm after it was notified of a possible breach by its payment processor. The investigation found that malware designed to capture card data had been installed on the hotel's payment processing system. | PoS Malware | Industry: Hotel and Hospitality | CC | US |
| 24 | 08/09/2016 | ? | EurekAlert! (eurekalert.org) | Popular science website EurekAlert!, which handles embargoed reports on health, medicine, and technology, is hacked. The announcement on the website states that usernames and passwords to the service have been compromised. The hacker has also leaked two embargoed reports. | Unknown | News | CC | US |
| 25 | 08/09/2016 | ? | vDOS | vDOS, a "booter" service that has earned in excess of $600,000 over the past two years helping customers coordinate more than 150,000 DDoS attacks, is massively hacked, spilling secrets about tens of thousands of paying customers and their targets. | Unknown Vulnerability | DDoS-for-hire | CC | IL |
| 26 | 08/09/2016 | ? | libero.it | The database of the Italian portal libero.it is leaked online (about 750,000 users). | Unknown | Industry: ISP | CC | IT |
| 27 | 09/09/2016 | ? | VoIPtalk | Telephony provider VoIPtalk may have been hit by hackers. The firm discreetly informs customers about a potential data breach and requests that they reset their passwords as a precautionary measure. | Unknown | Industry: Telephony | CC | UK |
| 28 | 09/09/2016 | ? | KrebsOnSecurity | Security researcher Brian Krebs' website KrebsOnSecurity comes under "heavy and sustainable" attack after two 18-year-old Israeli hackers were arrested over their connection with a DDoS-for-hire service called vDOS. | DDoS | News | CC | US |
| 29 | 09/09/2016 | Aslan Neferler Tim or Lion Soldiers Team | Austrian National Bank (OeNB.at) | Turkish hackers have launched DoS (Denial-of-Service) attacks against the web servers of the Austrian National Bank (OeNB). | DDoS | Government | H | AT |
| 30 | 09/09/2016 | ? | Almelo.nl | Hackers steal 22 gigabytes of data from municipal servers in Almelo. | Unknown | Government | CC | NL |
| 31 | 10/09/2016 | Daykalif | QIP.ru | QIP.ru is the latest organization to join the list of companies hit by mega breaches. A hacker dubbed daykalif dumps a trove of 33 million accounts. | Unknown | Industry: Software | CC | RU |
| 32 | 11/09/2016 | B0yzTeam | Bremerton Housing Authority (bremertonhousing.org) | A group of cyber criminals defaces the official website of Bremerton Housing Authority (bremertonhousing.org) and demands $4,000 as ransom. | Defacement | Org: Housing | CC | US |
| 33 | 13/09/2016 | APT28 AKA Fancy Bear | World Anti-Doping Agency (Wada) | The World Anti-Doping Agency (Wada) confirms that a suspected Russian hacking group illegally accessed its 'administration and management system', known as 'Adams', and stole troves of sensitive data on athletes. Among those targeted are Serena and Venus Williams, gymnast Simone Biles, and American basketball star Elena Delle Donne. Compromised information includes confidential medical data, such as Therapeutic Use Exemptions. | Account Hijacking | Org: Sport | CC | N/A |
| 34 | 13/09/2016 | ? | ClixSense | Plaintext passwords, usernames, e-mail addresses, and other personal information for more than 2.2 million people who created accounts with ClixSense are published online. The attackers claim to release additional 4.4 million accounts. | Unknown | Pay-per-click | CC | US |
| 35 | 13/09/2016 | ? | Thousands of Seagate NAS | Thousands of Seagate Central network-attached storage (NAS) devices have been found hosting cryptocurrency mining malware called Miner-C, which turns them into repositories to infect other devices. | Malware | Single Individuals | CC | >A |
| 36 | 14/09/2016 | ? | St. Francis Health System | St. Francis Health System is hacked and the data is sold on the Dark Web for 24 BTC (14,500 USD, 11,000 GBP, 13,000 EUR). | Unknown | Healthcare | CC | US |
| 37 | 14/09/2016 | ? | Empireminecraft.com | Empireminecraft notifies its users of the compromise of one staff member's email account. As a result the attacker was able to access confidential information. | Account Hijacking | Online Forum | CC | US |
| 38 | 15/09/2016 | MuslimLeets (aka Muj4hida) | American Human Rights Council (AHRC.org) and 62 other websites | A hacker going by the name MuslimLeets (aka Muj4hida) defaces the American Human Rights Council (AHRC) and 62 other websites, leaving a message calling for jihad. | Defacement | Org: Non-Profit | H | US |