Last Updated on January 9, 2017

Happy New Infosec Year! Have you had a wonderful start of this 2017? I hope so… You can now leave the old year behind, but not completely, at least not without having a look at the second timeline of December covering the main cyber attacks occurred between the 16th and 31th (Part I here).

An unexpected tail for this year, with a number of attacks noticeably higher than the previous months. The most remarkable breaches of this month include (9.5 million users notified) and PayAsUGym (300,000 email addresses compromised).

Other important events include the return of the OurMine collective, who hijacked other high-profile Twitter accounts (Netflix, Marvel, NFL, Sony Music and Nat Geo Photography), and the #OpSingleGateway carried on by the Anonymous against the Thai Government.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014, 2015 and 2016 (regularly updated). You may also want to have a look at the Cyber Attack Statistics that are regularly published, and follow @paulsparrows on Twitter for the latest updates.

Additionally, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts), and if useful, you can access the timeline in Google Sheet format: spreadsheets-32


114/12/2016PROMETHIUM and NEODYMIUM APTsSingle Individuals in EuropeMicrosoft reveals the details of two APTs (PROMETHIUM and NEODYMIUM) targeting single individuals to obtain intellectual property and other data.Targeted AttackSingle IndividualsCEEU
214/12/2016Cryptolulz666Russian Embassy of Armenia ( breaks into the database of the website of Russian Embassy of Armenia ( and leaks the corresponding data.SQLiGovernmentCCAM
315/12/2016?PayAsUGymFitness website PayAsUGym confirms one of its servers has been hacked and acknowledges that 300,000 email addresses and passwords of its members has been accessedUnknownIndustry: Fitness NetworkCCGB
415/12/2016?Summit Reinsurance Services Inc.Personal Information about 1000 Black Hawk College employees and their dependents could have been compromised in a hack of Summit Reinsurance Services Inc., a former insurance provider's server.MalwareIndustry: Insurance ServicesCCUS
516/12/2016?Home RoutersA new wave of attacks using DNSChanger targets a set of vulnerable home routers.Malware (DNSChanger)Single IndividualsCC>1
616/12/2016?AkbankNews emerges that hackers targeted Turkey's Akbank via the SWIFT global money transfer system in an attack which the bank said had not compromised customer data but would cost it up to $4 million.Targeted AttackFinanceCCTR
716/12/2016?Bleacher ReportBleacher Report reports that an unauthorized user gained access to user information for its website and mobile app.UnknownNewsCCUS
816/12/ takes down the website of
916/12/2016Cryptolulz666Russian Federal Drug Control Service Liquidation Commission ( takes down the website of the Russian Federal Drug Control Service Liquidation Commission (
1016/12/2016Phantom SquadEA Battlefield 1The Phantom Squad Collective takes down the servers of EA Battlefield 1.DDoSIndustry: Video GamesCCUS
1117/12/2016?Lynda.comLinkedIn's online learning unit notifies its 9.5 million users of an unauthorised database breach that contained the contact information and courses viewed of around 55,000 users. The company confirms the hack and says it has reset the passwords for all 55,000 accounts as a precautionary measure.UnknownIndustry: Online LearningCCUS
1217/12/2016AnonymousThai Police OfficeThe Anonymous take down the website of the Thai Police Office following the endorsement of its controversial new Computer Crime Bill.DDoSLaw EnforcementHTH
1317/12/2016The Dark OverlordPrecon ProductsThe Dark Overlord leaks some data from Precon Products including the alleged video of an accident and the Operation Manager's iPhone data.UnknownIndustry; ContstructionCCUS
1418/12/2016Kelvin OnaghinorLos Angeles CountyKelvin Onaghinor, a Nigerian national is charged in connection with a hack of Los Angeles County emails that might have exposed personal data from more than 750,000 people who had business with county departments.Account HijackingGovernmentCCUS
1519/12/2016AnonymousThai Ministry of Information and Communication Technology and the Ministry of DefenceThe Anonymous take down the websites of the Ministry of Information and Communication Technology and the Ministry of Defence.DDoSGovernmentHTH
1619/12/2016KapustkiySlovak Chamber of Commerce, scci.skKapustkiy breaches the Slovak Chamber of Commerce ( and accesses the data of more than 4,000 users.SQLiOrg: Chamber of CommerceCCSK
1719/12/2016Cryptolulz666Indian Institute of Technology Kharagpur ( hacks the database of the Indian Institute of Technology Kharagpur, the second of the country and leaks a part of the 12,000 users.SQLiEducationCCIN
1819/12/2016?EthereumAdministrators of the Ethereum Project say the platform incurred a breach affecting more than 16,500 users. The attacker used social engineering to gain access to a mobile phone number which allowed them to gain access to other accounts and ultimately compromise usernames, email addresses, profile data, public and private messages, and hashed passwords.Account HijackingDigital CurrencyCCN/A
1920/12/2016?Drudge ReportMatt Drudge, the founder of popular conservative news aggregation website Drudge Report has claimed the US government may be responsible for launching an unprecedented cyberattack against his publication that caused a 90 minute outage.DDoSNews AggregationsCCUS
2020/12/2016?Bleacher ReportBleacher Report reports that an unauthorized user gained access to user information for its website and mobile app.UnknownNewsCCUS
2120/12/2016OurMineOfficial Twitter account of Netflix US (@netflix)OurMine hackers strike again and take down the official Twitter accounts of Netflix US (@netflix)Account HijackingIndustry: EntertainmentCCUS
2220/12/2016Team Pak Cyber AttackersOfficial Google Bangladesh Domain ( group of Pakistani hackers going by the online handle of Team Pak Cyber Attackers deface the official Google Bangladesh domain. The group left a deface page along with a message on the targeted domain taunting security measures implemented by Google.DNS HjiackingIndustry: Internet ServicesCCBD
2320/12/2016?Kiev's Power GridUkraine investigates a suspected cyber attack on Kiev's power grid at the weekend, the latest in a series of strikes on its energy and financial infrastructureTargeted AttackUtility: EnergyCWUA
2420/12/2016?University of Nebraska-Lincoln (UNL)In a letter sent to approximately 30,000 current and former students, UNL says that an unauthorized breach of a server hosting a math placement exam occurred sometime in the last two years.UnknownEducationCCUS
2520/12/2016?Kia HyundaiYnet News report that Dozens of brand new luxury Kia and Hyundai vehicles were stolen in the Jerusalem area after criminals were able to hack into company servers and obtain data on the cars; three east Jerusalem residents have been arrested.UnknownIndustry: AutomotiveCCIL
2621/12/2016OurMineOfficial Twitter account of Marvel (@Marvel)OurMine hackers strike again and take down the Twitter accounts of Marvel (@Marvel) and other official super heros accounts linked via Tweetdeck.Account HijackingIndustry: EntertainmentCCUS
2721/12/2016OurMineOfficial Twitter account of NFL (@NFL)OurMine hackers take down the Twitter account of NFL (@NFL).Account HijackingOrg: SportCCUS
2821/12/2016?Columbia County School DistrictColumbia County School District in Georgia is hit by a breach that compromised personal data, including Social Security numbers, of staff.UnknownEducationCCUS
2921/12/2016?Columbia County School DistrictThe Columbia County School District reveals that one of their servers suffered a data breach. The attack happened on November 28th.UnknownEducationCCUS
3022/12/2016Russia?LithuaniaThe Baltic state of Lithuania, on the frontline of growing tensions between the West and Russia, says the Kremlin is responsible for cyber attacks that have hit government computers over the last two years.Targeted AttackGovernmentCELT
3122/12/2016Phantom Squad and @cripthepoodleSteam and Origin ServersThe DDoS attackers from Phantom Squad have claimed responsibility for conducting a series of powerful Distributed Denial of Service (DDoS) on Steam and online gaming platform Origin servers.DDoSIndustry: Video GamesCCUS
3222/12/2016KapustkiyCosta Rica Embassy in China ( hacks the Costa Rica Embassy in China ( and dumps 50 of the 280 login credentials.SQLiGovernmentCCCN
3322/12/2016CyberZeistfbi.govCyberZeist exploits a zero-day vulnerability in the Plone Content Management System (CMS) of the FBI’s website, and leaks some of the information to Pastebin.Unknown 0Day vulnerabilityGovernmentCCUS
3422/12/2016R.I.U. Star PatrolTumblrTumblr goes down for over two hours as a result of a large-scale DDoS attack.DDoSSocial NetworkCCUS
3522/12/2016AnonymousThai Ministry of Foreign AffairsIn name of #OpSingleGateway, the Anonymous hack the Thai Ministry of Foreign Affairs and dump more than 3,000 employees' records.UnknownGovernmentHTH
3622/12/2016AnonymousThai NavyAs part of the same operation the Anonymous hack the Thai Navy.UnknownMilitaryHTH
3723/12/2016Fancy Bear (APT28)Ukrainian Artillery UnitsFancy Bear, the hacker group previously linked to the Russian Military Intelligence (GRU), is believed to have deployed malware on Android devices to track and target Ukrainian artillery units over the past two years.Targeted AttackMilitaryCEUA
3823/12/2016AnonymousMinistry of Tourism and SportsThe Anonymous take down the website of the Thai Ministry of Tourism and Sports.DDoSGovernmentHTH
3923/12/2016?Owners of Barnes & Noble’s NOOKBarnes & Noble’s NOOK is the latest device infected with malware and sending user data to China.MalwareSingle IndividualsCCUS
4024/12/2016Cryptolulz666 and EvoIsGodThe Standard Hong Kong ( two hackers Cryptolulz666 and EvoIsGod break into The Standard Hong Kong ( and leak a portion of around 12000 users contained in the database.SQLiNewsCCHK
4125/12/2016KapustkiyRussian Visa Center in the US ( hacks the Russian Visa Center in the US and accesses information of around 3000 individuals.SQLiGovernmentCCUS
4225/12/2016Kapustkiy and Cryptolulz666Dutch Chamber of Commerce in Hong Kong ( hacker Cryptolulz666, with a little help from the colleague Kapustkiy, break into the website of the Dutch Chamber of Commerce in Hong Kong ( and leak the data of around 200 users.SQLiOrg: Chamber of CommerceCCHK
4325/12/2016The Dark OverlordDRI Title & EscrowThe Dark Overlord claims to have hacked DRI Title & Escrow and leaks some internal data.UnknownIndustry: Financial ServicesCCUS
4425/12/2016The Dark OverlordGS Polymers, Inc.The Dark Overlord claims to have hacked GS Polymers, Inc. and leaks some internal data.UnknownIndustry: Polymers ManufacturingCCUS
4526/12/2016?PakWheelsPakWheels, a famous automotive website in Pakistan reveals that their server was breached by an unknown third party exposing personal data of potentially 674,775 registered users. The breach happened in October 2016 exploiting a known vulnerability in outdated vBulletin forum software.vBulletin vulnerabilityOnline ServicesCCPK
4626/12/2016OurMineOfficial Sony Music Global Twitter Account (@SonyMusicGlobal)OurMine hack the Official Sony Music Global Twitter account (@SonyMusicGlobal) and Britney Spears joined the ranks of celebrities who have briefly died on the internetAccount HijackingIndustry: EntertainmentCCUS
4727/12/2016AnonymousThai LA consulate ( hacks the official website of Thai LA consulate ( and defaces its homepage with a brief message against the arrest of 9 suspects. The group also leaks the data of 900 records.DefacementGovernmentCCUS
4828/12/2016Fancy Bear (APT28)?OSCE (Organization for Security and Co-operation in Europe)The Organization for Security and Co-operation in Europe has recently confirmed a successful hack attack that occurred in November and which was launched by what are believed to be Russian hackers.Targeted AttackOrg: IntergovernmentalCEEU
4928/12/2016?ExtraTorrentExtraTorrent, one of the largest torrent sites on the internet suffered several major DDoS (Distributed Denial of Service) attacks over the past few days primarily because the site recently banned 'unofficial' proxy services.DDoSBit TorrentCCUS
5028/12/2016?Intercontinental Hotel Group (IHG)InterContinental Hotels Group (IHG), the parent company for more than 5,000 hotels worldwide including Holiday Inn, says it is investigating claims of a possible credit card breach at some U.S. locations.PoS MalwareIndustry: Hotel and HospitalityCCUS
5128/12/2016?State's Division of Public Behavioral Health (DPBH)The state's Division of Public Behavioral Health (DPBH) said it is investigating a compromise of its Medical Marijuana Program databaseUnknownGovernmentCCUS
5228/12/2016?Southcentral Foundation ( Foundation (SCF) in Alaska notifies 14,719 individuals after two employees’ email accounts containing protected health information were hacked in October.Account HijackingHealthcareCCUS
5329/12/2016APT28 APT29DNC (Democratic National Committee)The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) reval the details of "Grizzly Steppe", the operation through which two alleged Russian APTs (APT28 and APT29) hacked the Democratic National Committee since Summer 2015.Targeted AttackOrg: PoliticsCWUS
5430/12/2016?ToppsTopps, the maker of iconic collectable trading cards reveals that hackers could have stolen customers' credit and debit card numbers along with their associated security codes in a recent breach.UnknownIndustry: CollectiblesCCUS
5530/12/2016Anonymous & HackBackBilderberg GroupThe official website of the Bilderberg Group was compromised today, with attackers posting a message warning that future hacks would be possible unless members start working for the benefit of humanity.DefacementOrg: ConferencingHN/A
5630/12/2016OurMineNat Geo Photography Twitter Account (@NatGeoPhotos)The OurMine hacking group hacks the official Twitter account of Nat Geo Photography (@NatGeoPhotos) and starts a series of Tweets to its 2.71 million followers.Account HijackingOrg: Non-Profit (Science and Nature)CCUS
5730/12/2016Shin0bi_H4x0rPhilippine Military ( hacker going by the online handle of Shin0bi_H4x0r hacked and defaced the official website of the Philippine Military (
5831/12/2016Gh0s7Thailand’s National Statistical Office ( name of #OpSingleGateway Gh0s7 hacks the Thailand’s National Statistical Office ( and dumps the leaked data.UnknownGovernmentHTH
5931/12/2016?KeepKeyKeepKey, a hardware bitcoin wallet, discloses how a brief compromise of the company phone and email enabled the attacker to reset some account passwords.Account HijackingDigital CurrencyCCUS

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.