16-31 April 2016 Cyber Attacks Timeline
 Share
The version of the browser you are using is no longer supported. Please upgrade to a supported browser.Dismiss

View only
 
 
ABCDEFGHIJKLMNOPQRSTUVWXY
1
IDDateAuthorTargetDescriptionAttackTarget
Class
Attack
Class
CountryLinkTags
2
116/04/2016Team System DZSeveral targets in France, Israel, US, and the UKHacking group Team System Dz defaces 88 websites from France, Israel, the US, and the UK posting pro-ISIS messages.
Defacement>1CW>1http://news.softpedia.com/news/pro-isis-group-defaces-88-websites-in-three-day-rampage-503153.shtmlTeam System DZ, ISIS
3
217/04/2016?Coinroll Bitcoin CasinoCoinroll Bitcoin Casino admits that several users had the funds on their online accounts stolen. The breach could be related to an open MongoDB.UnknownBitcoin CasinoCCUShttp://news.softpedia.com/news/bitcoin-casino-stolen-user-funds-may-be-linked-to-unprotected-mongodb-database-503090.shtmlCoinroll Bitcoin Casino
4
318/04/2016?Robert MillardRobert Millard, a former Lehman Brothers executive wires a $2 million deposit for a $20 million Manhattan apartment to cyber criminals, who hacked the mailbox of his realtor.Account HijackingSingle IndividualsCCUShttp://nypost.com/2016/04/18/my-realtors-email-was-hacked-and-im-out-2m-execs-suit/Robert Millard
5
418/04/2016?Newark Police DepartmentNewark Police Department is forced to spend four days cleaning up after a virus attack.MalwareLaw EnforcementCCUShttp://www.zdnet.com/article/police-department-computers-hit-by-virus-attack/Newark Police Department
6
518/04/2016?dōTERRAdōTERRA notifies several customers and distributors of a possible data breach involving a third-party providing them with hosting and software services.UnknownIndustry: CosmeticsCCUShttp://www.databreaches.net/doterra-letter-informs-customers-of-possible-data-breach/dōTERRA
7
618/04/2016sn0nmayline.comsn0n hacks mayline.com and dumps 2,803 records with usernames and hashed passwords.SQLiIndustry: FurnitureCCUShttps://hacked-emails.com/leak/siph0n-4659sn0n, mayline.com
8
719/04/2016?Several Europe-based organisations, particularly in PolandResearchers from Palo Alto Networks identify PWOBot, a strain of malicious code written entirely in Python.Targeted Attack>1CE>1http://www.theregister.co.uk/2016/04/19/python_malware_windows_executable_poland/Palo Alto, PWOBot
9
819/04/2016?ADPIdentity thieves steal tax and salary data from payroll giant ADP by registering accounts in the names of employees at more than a dozen customer firms. ADP says the incidents occurred because the victim companies all mistakenly published sensitive ADP account information online that made those firms easy targets for tax fraudsters.Account HijackingIndustry: Bitcoin ExchangeCCUShttp://krebsonsecurity.com/2016/05/fraudsters-steal-tax-salary-data-from-adp/#more-34704ADP
10
919/04/2016Berkshire Hathaway Homestate, Cypress Insurance, Zenith InsuranceUndisclosed California WorkerA group of California workers claim in a federal lawsuit that three of the largest workers compensation insurance companies in California illegally broke into their lawyers' database and stole over 32,000 confidential workers comp files.Directory Traversal AttackIndustry: InsuranceCCUShttp://www.businessinsurance.com/article/20160425/NEWS08/160429899/lawsuit-claims-workers-comp-insurers-hacked-into-injured-workersBerkshire Hathaway Homestate, Cypress Insurance, Zenith Insurance
11
1019/04/2016?AIn Shams UniversityAn unknown hacker hacks the Staff Management Portal of the Ain Shams University (staff.asu.edu.eg) and dumps 2,280 records.SQLiEducationCCEGhttps://hacked-emails.com/leak/pb-A7jmbD3GAIn Shams University, staff.asu.edu.eg
12
1120/04/2016FIN6Several target in the retail and hospitality sectorsSecurity researchers from FireEye and iSight Partner revealed a report detailing the previously unknown mode of operation of a criminal group named FIN6. The group surfaced in 2015 and focused only on the theft of financial information, mainly credit card data from organizations in the retail and hospitality sectors.
Targeted AttackIndustry: Retail
Industry: Hotel and Hospitality
CC>1http://news.softpedia.com/news/fin6-group-stole-tens-of-millions-of-credit-card-records-from-pos-systems-503253.shtmlFIN6, FireEye, iSight Partner
13
1221/04/2016?Archdiocese of DenverArchdiocese of Denver notifies 18,000 individuals to have discovered a breach happened on November 2015 after an unauthorized person accessed an Archdiocese of Denver database maintained by a third-party.UnknownOrg: ReligionCCUShttp://www.scmagazine.com/18000-possibly-affected-by-archdiocese-of-denver-data-breach/article/491295/Archdiocese of Denver
14
1321/04/2016?BizmaticsA spree of data breaches affect Florida's Palm Beach County Health Department, Wisconsin's Oneida Health Center, Arkansas' Pain Treatment Centers of America (PTCOA), and Interventional Surgery Institute (ISI) and expose more than 23,000 patients' personal information after data servers belonging to third-party vendor Bizmatics are hacked.UnknownIndustry: SoftwareCCUShttp://www.esecurityplanet.com/network-security/healthcare-data-breaches-expose-23000-patients-personal-information.htmlFlorida's Palm Beach County Health Department, Wisconsin's Oneida Health Center, Arkansas' Pain Treatment Centers of America, PTCOA, Interventional Surgery Institute, ISI
15
1422/04/2016?UK Ministry of DefenceUp to 831 members of Britain's defence community with high-level security clearances had their personally identifying information stolen when the Ministry of Defence's business networking organisation was hacked earlier in November 2015 via the compromising of Niteworks, a MoD contractor.UnknownGovernmentCCUKhttp://www.theregister.co.uk/2016/04/22/mod_contractor_hacked_831_members_of_defence_community_exposed/MoD, Niteworks
16
1522/04/2016AnonymousDifferent Entities in Denmark, Iceland, and the Faroe IslandsAkamai reveals the details of OpKillingBay, an active campaign against whale-and-dolphin-eating nations.DDoSSeveral IndividualsH>1http://www.theregister.co.uk/2016/04/22/anonymous_whales_on_denmark_faroe_islands_with_opkillingbay_ddos/Anonymous, OpKillingBay
17
1622/04/2016New World Hackers (NWH)City of Denver's website (denvergov.org)Members of the New World Hackers (NWH), one of Anonymous' divisions, launch a DDoS attack against the city of Denver's website (denvergov.org)
DDoSGovernmentHUShttp://news.softpedia.com/news/anonymous-shuts-down-city-of-denver-website-after-another-fatal-police-shooting-503371.shtmlCity of Denver, denvergov.org, New World Hackers, NWH
18
1722/04/2016United Cyber CaliphateLamont Christian Reformed Church (lamontcrc.org)United Cyber Caliphate defaces the website of the Lamont Christian Reformed Church in the city leaving a pro-Jihadi message.
DefacementOrg: ReligionCWUShttp://news.softpedia.com/news/church-website-defaced-with-ominous-jihadi-message-503385.shtmllamontcrc.org, United Cyber Caliphate
19
1824/04/2016Ghost SquadKu Klux Klan websiteHackers from Ghost Squad take down the website of Ku Klux KlanDDoSOrg: PoliticsHUShttps://www.hackread.com/anonymous-ghost-squad-ddos-on-kkk-website/Ghost Squad, Ku Klux Klan
20
1924/04/2016?interbet.co.zaAn unknown hacker hacks interbet.co.za and dumps >35,000 records containing personal informationUnknownOnline BetCCZAhttp://pastebin.com/5VMVZp95interbet.co.za
21
2025/04/2016?BeautifulPeople.comForbes reveal that Unknown hackers were able to hack Beautifulpeople.com and leak the personal details of 1.1M members.UnknownDatingCCUShttp://www.forbes.com/sites/thomasbrewster/2016/04/25/beautiful-people-hack-sexual-preference-location-addresses/#416917d3559fBeautifulPeople.com
22
2125/04/2016?Qatar National Bank QNB.comDocuments purporting to be from the Qatar National Bank are leaked on a file-sharing site Cryptome.org. According to Cryptome, the leaked file contains more than 15,000 documents detailing more than 100,000 accounts with passwords and PINs.SQLiFinanceCCQAhttp://www.theregister.co.uk/2016/04/25/breaking_qatar_bank_hack/Qatar National Bank, QNB.com
23
2225/04/2016?Lansing Board of Water & Light (BWL)The Lansing Board of Water & Light (BWL) announces last week a cyber-attack that partially shuts down some of its services following what looks like an unconfirmed ransomware incident.
MalwareUtilityCCUShttp://news.softpedia.com/news/water-and-lighting-utility-faces-issues-because-of-ransomware-infection-503568.shtmlLansing Board of Water & Light, BWL
24
2325/04/2016?SpotifyA list containing hundreds of Spotify account credentials, including emails, usernames, passwords, account type and other details, appears on Pastebin, in what appears to be a possible hack. The company, asked, denies the incident.
UnknownIndustry: MusicCCSEhttp://techcrunch.com/2016/04/25/hundreds-of-spotify-credentials-appear-online-users-report-accounts-hacked-emails-changed/Spotify
25
2425/04/2016?The Grand Sierra ResortThe Grand Sierra Resort is the latest hospitality entity to disclose a data breach involving customers’ credit card information.  In this case, there appear to be two time frames during which cards used at their food and retail locations may have been compromised: for a one-month period in 2014 and again during a 5-month period in 2015.
PoS Malware?Industry: Hotel and HospitalityCCUShttp://www.databreaches.net/grand-sierra-resort-guest-payment-cards-breached-in-2014-and-again-in-2015/The Grand Sierra Resort
26
2526/04/2016?Lifeboat Minecraft CommunityOver seven million user accounts belonging to members of Minecraft community “Lifeboat” are hackedUnknownIndustry: Video GamesCCUShttp://motherboard.vice.com/read/another-day-another-hack-7-million-emails-and-hashed-passwords-for-minecraftLifeboat, Minecraft
27
2626/04/2016?RWE Gundremmingen plantA nuclear power plant in Germany is found to be infected with computer viruses, but they appear not to have posed a threat to the facility's operations because it is isolated from the Internet.MalwareIndustry: UtilityCCDEhttp://www.reuters.com/article/us-nuclearpower-cyber-germany-idUSKCN0XN2OSRWE, Gundremmingen
28
2726/04/2016?GoldcorpHackers breach Goldcorp and leak a 14.8 GB torrent containing personal information UnknownIndustry: Gold MiningCCCAhttp://www.dailydot.com/politics/goldcorp-hack-data-dump/Goldcorp
29
2826/04/2016China?U.S. Steel Corp.U.S. Steel Corp. asks the U.S. government to ban unfairly traded Chinese steel imports, alleging producers stole the fruits of decades of research in a 2010 hacking attack.
Targeted AttackIndustry: SteelCEUShttp://www.bloomberg.com/news/articles/2016-04-26/u-s-steel-accuses-china-of-trade-secret-theft-in-cyber-attack
U.S. Steel Corp., China
30
2927/04/2016?The Pirate BayMalwarebytes identifies a malvertising campaign on The Pirate Bay, distributing the Cerber Malware via the Magnitude Exploit Kit. The attackers took advantage of the leak of the sixth season of Game of Thrones.
MalvertisingTorrent CCSEhttp://www.theregister.co.uk/2016/04/27/pirate_bay_malvertising/Malwarebytes, The Pirate Bay, Cerber Malware, Magnitude Exploit Kit, Game of Thrones.
31
3027/04/2016PLATINUMSeveral Targets in South East AsiaMicrosoft reveals the details of PLATINUM, a group active primarily against targets in South East Asia since 2009.Targeted Attack>1CE>1http://arstechnica.com/security/2016/04/hacking-group-platinum-used-windows-own-patching-system-against-it/Microsoft, PLATINUM
32
3127/04/2016North Korea?Several Targets in AsiaForcepoint reveals the details of Jaku, a previously unknown botnet built for a multi-stage tracking and data exfiltration, primarily of targets in Asia.Targeted Attack>1CE>1http://www.infosecurity-magazine.com/news/jaku-botnet-rises-in-the-east/Forcepoint, Jaku
33
3227/04/2016?Lucky PetLuckyPet notifies the California State Attorney General's office of a data breach that compromised online customer information.Exploited Undisclosed VulnerabilityIndustry: E-CommerceCCUShttp://www.scmagazine.com/luckypet-data-breach-compromises-online-payment-info/article/492470/Lucky Pet
34
3327/04/2016Anonymous in KenyaKenyan Ministry of Foreign Affairs (mfa.go.ke)Anonymous In Kenya, leaks a trove of 1TB data from the Kenyan Ministry of Foreign Affairs.
UnknownGovernmentHKEhttp://news.softpedia.com/news/anonymous-hackers-leak-1tb-of-documents-from-kenya-s-ministry-of-foreign-affairs-503518.shtmlAnonymous in Kenya, mfa.go.ke
35
3428/04/2016?Solano Community CollegeSolano Community College is hit with a spearphishing attack leading to the W-2 information for about 1,200 staffers being compromised.Account HijackingEducationCCUShttp://www.scmagazine.com/1206-solano-community-college-employees-victimized-in-w-2-data-breach/article/493732/Solano Community College
36
3528/04/2016?Advanced International Marketing Inc.Advanced International Marketing Inc. notifies California's Attorney General that the company experienced a data breach that compromised its customers' name and state identification information.Exploited Undisclosed VulnerabilityIndustry: RetailCCUShttp://www.scmagazine.com/news/archive/10653/Advanced International Marketing Inc.
37
3629/04/2016?17 (an app particularly popular in Asia)A hacker advertises a cache of 20,000 email addresses, poorly secured passwords, phone numbers, and other information from users of photo sharing and video streaming app '17', which is particularly popular in Asia. UnknownIndustry: SoftwareCCTWhttp://www.scmagazine.com/new-cyberespionage-trojan-spreading-in-taiwan/article/485964/17
38
3729/04/2016?Maisto.comThe website belonging to Maisto International, a popular maker of remote-controlled toy vehicles, is caught pushing ransomware.Outdated JoomlaIndustry: ToysCCHKhttp://arstechnica.com/security/2016/04/toymakers-website-pushes-ransomware-that-holds-visitors-files-hostage/maisto.com
39
3829/04/2016?Brunswick Corp.Brunswick Corp. is the last victim of a spear phishing scam that allows the attackers to steal W-2 information for possibly all 13,000 current and former company employees. Account HijackingIndustry: ConglomerateCCUShttp://www.scmagazine.com/brunswick-corps-13000-workers-w-2-data-compromised/article/494352/Brunswick Corp.
40
3929/04/2016?Several Targets in JapanSymantec reveals the details of a cyber-espionage group using compromised websites along with spear-phishing emails to deliver a backdoor trojan to organizations in Japan for the purpose of stealing sensitive information and private technologies.
Targeted Attack>1CEJPhttp://news.softpedia.com/news/tick-cyber-espionage-group-targets-japanese-companies-with-daserf-backdoors-503555.shtmlSymantec, Japan
41
4029/04/2016?Laremy Tunsil Twitter and Instagram AccountsLaremy Tunsil, a college football player has his Twitter and Instagram accounts hacked.
Account HijackingSingle IndividualsCCUShttp://news.softpedia.com/news/watching-an-nfl-player-get-hacked-on-live-tv-503556.shtmlLaremy Tunsil
42
4129/04/2016United Cyber Caliphate3,600 New York residentsA group of hackers linked to the Islamic State releases a hit list of thousands of New York
residents, urging the militant group's followers to target them.
UnknownSingle IndividualsCWUShttp://www.ibtimes.sg/isis-new-york-hit-list-hackers-post-details-3600-residents-online-1253ISIS, New York, United Cyber Caliphate
43
4230/04/2016Ghost SquadBlack Lives MatterHackers from Ghost Squad, one of the Anonymous subdivisions carrying out DDoS attacks against KKK members, launch similar attacks against the Black Lives Matter movement.
DDoSOrg: Social Movement/ActivismHUShttp://news.softpedia.com/news/anonymous-ghost-squad-hackers-take-down-black-lives-matter-website-503579.shtmlGhost Squad Hackers, Black Lives Matter
44
4330/04/2016?Gryphon TechnologiesGryphon Technologies joins the list of the companies falling victim of W-2 phishing scams.Account HijackingIndustry: System IntegrationCCUShttp://www.databreaches.net/federal-contractor-with-cybersecurity-ties-notifies-employees-after-w-2-info-acquired-by-targeted-phishing/
Gryphon Technologies
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
Loading...