16-31 May 2017 Cyber Attacks Timeline

Last Updated on July 24, 2017

Here’s the second timeline of May covering the main cyber attacks occurred in the second half or the month (first timeline here).

The month of May 2017 will be remembered in the Infosec memory for the outbreak of WannaCry, which has overshadowed another remarkable event like the hack of Zomato, with 17 million accounts ending up for sale in the black market.

The second half of May has also confirmed the sustained activity of Russian hackers in the cyber space. Alleged malicious actors from Russia are behind another attack against energy networks of the Baltic States, a campaign carried on via malware laced Twitter messages against the US Department of Defense, a hacking and disinformation campaign against more than 200 gmail users (a campaign orchestrated by APT28 and called Tainted Leaks), and an attack against the Trump Organization.

Scroll down the rest of the list to have an idea of all the events happened in May, and if you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014, 2015 and 2016 (regularly updated). You may also want to have a look at the Cyber Attack Statistics that are regularly published, and follow @paulsparrows on Twitter for the latest updates.

Additionally, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts), and if useful, you can access the timeline in Google Sheet format.

ID	Date	Author	Target	Description	Attack	Target Class	Attack Class	Country
1	11/05/2017	Suspected Russia-backed hackers	Energy networks of the Baltic states	Reuters reports that Suspected Russia-backed hackers have launched exploratory cyber attacks against the energy networks of the Baltic states.	Targeted Attack	Utility: Energy	CW	>1
2	17/05/2017	?	UK Parliament	The Telegraph reveals that members of UK Parliament have been deliberately targeted by hackers trying to break into online accounts, earlier this year.	Account Hijacking	Government	CE	UK
3	17/05/2017	nclay	Zomato	Zomato, the popular restaurant and event listing service, is hacked and 17 million accounts are listed for sale on the dark web. The data on sale includes emails and hashed passwords of Zomato users, but the company said no payment or credit card data was leaked.	Unknown	Industry: Online Services	CC	IN
4	17/05/2017	?	Panic	Apple app maker Panic's CEO Steven Frank says he mistakenly downloaded the malware-laced DVD-ripping app HandBrake resulting in some of the company's source code being stolen.	Malware	Industry: Software	CC	US
5	18/05/2017	Russia?	US Department of Defense	A Times report suggests that Russia may have used Twitter as a tool of international espionage: agents of the Russian government could have sent malware-laced Twitter messages to more than 10,000 employees of the US Department of Defense.	Malware	Government	CE	US
6	18/05/2017	?	DaFont.com	The popular font sharing site DaFont.com is hacked, exposing the site's entire database of 699,464 user accounts.	SQLi	Online Services	CC	US
7	18/05/2017	?	PureMatrimony.com	Muslim focused site PureMatrimony.com says it has informed its users of an apparent data breach, and asked them to reset their passwords. 120,000 accounts are compromised.	Unknown	Dating	CC	US
8	18/05/2017	?	Equifax	Equifax reveals the details of an unauthorized access to customers’ employee tax records happened between April 17, 2016 and March 29, 2017. The list of victims includes including defense contractor giant Northrop Grumman; staffing firm Allegis Group; Saint-Gobain Corp.; Erickson Living; and the University of Louisville.	Account Hijacking	Industry: Credit risk assessment	CC	US
9	19/05/2017	?	Salem State University Twitter Account	Salem State University officials apologize after several racist tweets (against Black Lives Matter) were sent out when the school’s Twitter account was hacked (@SalemState).	Account Hijacking	Education	CC	US
10	19/05/2017	?	Blackburn High School	Police investigate a major privacy breach at Blackburn High School, which saw the personal information of families, including their phone numbers, addresses and Medicare details, published online.	Account Hijacking	Education	CC	AU
11	22/05/2017	?	Florida Department of Agriculture and Consumer Services	Florida officials reveal that hackers may have stolen the names of over 16,000 people who have concealed weapon permits in the state. The breach occurred two weeks ago through its online payment system, which processes payments for customers' permits and other applications.	Unknown	Government	CC	US
12	22/05/2017	?	Xbox Users	Microsoft files a complaint against iGSKY, presenting itself as a gaming serving company, accusing it to sell hacked Xbox accounts.	Unknown	SIngle Individuals	CC	>1
13	23/05/2017	?	Single Business Users	Researchers from security firm Cylance reveal that Qakbot, an information-stealing Trojan and backdoor malware that targets the Microsoft Windows operating system, is back with a new campaign nastier than before.	Malware	Single Individuals	CC	>1
14	24/05/2017	?	Qatar News Agency	Unknown hackers break into the website of the Qatar state-run news agency and publish a fake story quoting the ruling emir making controversial comments. The Twitter feed is also compromised posting fake quotes from Qatar's foreign minister alleging a plot against the country by other Arab nations.	Account Hijacking	News	CC	QA
15	25/05/2017	APT28	200 victims, including journalists and activists critical of the Russian government, people affiliated with the Ukrainian military, and high-ranking officials in energy companies around the world	Security researchers from CitizenLab expose the details of Tainted Leaks, a sophisticated hacking and disinformation campaign that targeted more than 200 Gmail users.	Account Hijacking	Single Individuals	CE	>1
16	25/05/2017	?	Android Users	Researchers from Check Point reveal the details of Judy, what could be possibly the largest malware campaign spreading through Google Play. The suspicious code was observed in more than 40 applications, most allegedly developed by a Korean company called Kiniwini.	Malware	Single Individuals	CC	>1
17	25/05/2017	?	The Harvard Crimson	The website of Harvard’s 144-year-old newspaper is defaced and posts fake stories and an altered picture of Facebook CEO Mark Zuckerberg (who was visiting the institution).	Defacement	Education	CC	US
18	25/05/2017	?	Multiple Websites	Malwarebytes reveals the details of RoughTed, an anti ad-blocker malvertiser able to distribute the Cerbrer ransomware.	Malvertising	Single Individuals	CC	>1
19	25/05/1971	?	University of Wisconsin Health	UW Health says that 2,036 patients had information compromised after an employee's email account was used by an unauthorized user on March 28, 2017.	Account Hijacking	Healhcare	CC	US
20	26/05/2017	Russia?	Trump Organization	ABC News reveals that the FBI is investigating an attempted overseas cyberattack against the Trump Organization, summoning President Donald Trump’s sons, Don Jr. and Eric, for an emergency session with the bureau’s cybersecurity agents and representatives of the CIA.	Unknown	Industry: Conglomerate	CE	US
21	26/05/2017	?	Prairie Mountain Health	Personal and medical information of more than 1,000 Prairie Mountain Health patients are at risk after an internal website is hacked.	Unknown	Healhcare	CC	US
22	28/05/2017	?	Fast Health	Fast Health reports a security breach that could affect over 700 of their patients, when a third-party altered a code on their server, stealing the credit card information of close to 700 customers who paid bills online from January 14, 2016 to December 20, 2016.	Malware	Healhcare	CC	US
23	28/05/2017	?	Augusta University	A phishing attack hits Augusta University faculty email accounts containing the health information of patients.	Account Hijacking	Education	CC	US
24	29/05/2017	?	Liverpool One Shopping Centre	Liverpool One shopping centre is forced to shut down a slew of digital billboards after an unknown hacker tampers with the signage.	Unknown	Industry: Retail	CC	UK
25	30/05/2017	?	Old Mutual	Financial services company Old Mutual has notified its customers of a data breach, after it detected unauthorised entry to one of its systems which led to some personal customer information being accessed.	Unknown	Industry: Financial Services	CC	AU
26	31/05/2017	?	OneLogin	OneLogin reveals the details about an attack on its systems, confirming that a "threat actor" has accessed database tables including "information about users, apps, and various types of keys." The attacker has been able to rifle through OneLogin's infrastructure for seven hours, may have been able to decrypt customer data.	AWS Keys Hijacking	Industry: Cloud Computing	CC	US
27	31/05/2017	?	Kmart	For the second time in less than three years, Kmart Stores suffers a malware-based security breach of its store credit card processing systems.	PoS Malware	Industry: Retail	CC	US
28	31/05/2017	?	Qnect	Qnect, a Sydney startup has its customer data stolen with the hackers threatening to publish the information unless bitcoins are paid out.	Unknown	Industry: Ticketing	CC	AU
29	31/05/2017	?	University of Alaska	A phishing scam in December 2016 resulted in a data breach at the University of Alaska, affecting around 25,000 students, staff and faculty members.	Account Hijacking	Education	CC	US
30	31/05/2017	?	Road Sign in Houston	Someone hacks a road sign in Houston with a message against Donald Trump.	Unknown	Road Sign	CC	US

Related Posts

Like this:

Leave a Reply Cancel reply