The Year 2015 – Data Breaches
July: United Airlines revealed that its computer systems were hacked in May or early June, compromising manifest data that detailed the movements of millions of Americans.
The report, citing “several people familiar with the probe,” stated that the group behind this attack is the same group suspected of the Office of Personnel Management hack discovered in June.
Hacking Team, an Italy-based firm accused of the unethical sale of surveillance technology worldwide, was hacked and hundreds of gigabytes of sensitive data were stolen.
Confidential documents leaked by the hackers appeared to show Hacking Team’s material support for authoritarian governments such as those in Sudan, Ethiopia, Morocco, and the United Arab Emirates.
The website of the Permanent Court of Arbitration in The Hague went offline in an incident that sources are connecting to hearings regarding China’s claims to territory in the South China Sea.
The breach was traced back to an IP address in China. The vulnerability spread malware to the devices of website visitors.
June: Japan Pension Service (JPS) was hacked resulting in the exfiltration of personal data belonging to 1.25 million people.
German media reported that hackers breached the network of the Bundestag, the lower house of parliament, and exfiltrated data from over 20,000 accounts.
German weekly Der Spiegel said that the Kremlin is the primary suspect behind the attack and that the malware involved closely resembles that used in a 2014 attack on a German data network.
May: Hong Kong-based undersea cable company Pacnet’s business management systems were breached by malicious software that accessed sensitive data stored on a SQL server.
Chinese hackers exfiltrated significant amounts of customer data from United Airlines.
The Yemen Cyber Army claims it breached a server belonging to the Saudi Ministry of Foreign Affairs. The hack exposed the alleged login credentials of Saudi officials, as well as usernames, phone numbers, and email addresses.
February: Anthem, a U.S. health insurance company, is hacked, resulting in the theft of 80 million customers’ personally identifiable information. The information was taken from an unencrypted database. This may have been part of a larger campaign that included the OPM hack.
The Year 2014 – Data Breaches
November: Sony Pictures Entertainment is hacked with malware deleting data and the hackers posting online employees’ personal information and unreleased films. An FBI investigation revealed North Korea to be behind the attack.
October: Ten percent of Dairy Queen outlets are hacked and customer credit card data is compromised. Like the Target hack, hackers reportedly exploited a third-party system to obtain access.
September: The Department of State reports breaches of its unclassified networks and shuts down its entire unclassified email system to repair possible damage.
A month later, “suspicious cyber activity” was noticed on a White House computer network, but the White House said that no classified networks had been breached.
Home Depot reports a server breach affecting 56 million debit cards in the U.S. and Canada.
July: Hackers in Eastern Europe breached energy sectors in the U.S., Spain, France, Italy, Germany, Turkey, and Poland in a major cyberespionage campaign.
U.S. Office of Personnel Management networks that contain information on thousands of applicants for top-secret clearances are breached.
May: Alleged Chinese hackers posed as C-Suite executives in a spear phishing campaign to access the network of Alcoa. The hackers stole 2,907 emails and 863 attachments.
Chinese military hackers targeted six American companies in the power, metals, and solar products industries and stole trade secret information. The U.S. Department of Justice indicted them and identified them as members of the People’s Liberation Army Unit 61398.
March: The OPM contractor responsible for U.S. security clearance background investigations is breached, allegedly by Chinese hackers.
Cybercriminals steal 40 million credit card numbers from Target, with an additional 70 million accounts compromised.
Indian Army and DRDO (Defense Research and Development Organization) computers were hacked, and the Indian government warned that the spyware could read the files of computers not even connected to the internet.
January: Hackers targeted 28 embassies in Tehran using emails about the Syrian conflict that contained new data-mining malware.
The Year 2013 – Data Breaches
November: Federal prosecutors announced that Vietnamese cyber criminals obtained as many as 200 million personal records, including Social Security numbers, credit card data, and bank account information.
October: Finland’s Foreign Minister reports that hackers breached Finland’s diplomatic communications.
May: The Syrian Electronic Army claims to have breached the Saudi Arabian Ministry of Defense email system and leaked several confidential emails.
Over the course of the month, unknown hackers breached major automotive parts suppliers in North America and Europe.
February: DHS says that between December 2011 and June 2012, cyber criminals targeted 23 gas pipeline companies and stole information that could be used for sabotage purposes. Forensic data suggests the probes originated in China.
The Year 2012 – Data Breaches
September: Chinese hackers infiltrated Telvent Canada, an industrial automation company, and stole data related to SCADA systems throughout North America.
August: A group called “Cutting Sword of Justice” linked to Iran claimed it had used the “Shamoon” virus to attack Aramco, a major Saudi oil supplier, deleting data on 30,000 computers and infecting (without causing damage) control systems. The attack also affected the Qatari company RasGas, a major LNG supplier.
July: Indian naval officials confirmed that a virus had collected data from sensitive computer systems at the country’s Eastern Naval Command headquarters and sent the data to Chinese IP addresses.
The virus allegedly entered the Navy’s network via infected USB drives, which were used to transfer data from standalone computers holding sensitive files to networked systems.
A Trojan nicknamed “Mahdi” was found gathering data from approximately 800 critical infrastructure engineering firms, government agencies, financial houses, and academia throughout the Middle East and beyond, predominantly in Israel and Iran. The virus contains Persian language strings.
June: DHS reported that between December 2011 and June 2012, hackers targeted 23 gas pipeline companies and stole information that could be used for sabotage purposes. Forensic data suggests the probes originated in China.
April: Iran was forced to disconnect key oil facilities after a cyberattack against internal computer systems.
The malware was found inside the control systems of Kharg Island – Iran’s main oil exporting terminal. Equipment at Kharg Island and at other Iranian oil plants was disconnected from the internet as a precaution.
Iran reported that oil production was not affected, but the websites of the Iranian oil ministry and national oil company were forced offline and data about users of the sites was taken as a result of the attack.