
Recent Data Breaches List – October 2022


Hackers targeted a communications platform in Australia, which handles Department of Defence data, in a ransomware attack. The government believes hackers breached sensitive government data in this attack.

A Ukrainian newspaper published hacked data claiming to be sensitive information from Russian defense contractors. The hackers responsible are part of an anti-Putin group in Russia.

Hackers leaked online the personal information of 6.5 million citizens on Israel’s voter registry, such as phone numbers and family connections, after breaching the Shas party database.

U.S. home goods retailer Bed Bath & Beyond’s company data was improperly accessed through a phishing scam targeting an employee’s hard drive and another shared drive. The retailer says no sensitive or personally identifiable information was accessed by the hacker.

About 11,000 U.S. Bank credit card customers’ personal information like names, Social Security numbers, closed account numbers and outstanding balances was accidentally shared by one of the bank’s third-party vendors. The bank will now provide free online credit monitoring service for affected customers for at least two years.


September 2022 – Data Breaches

China accused the U.S. National Security Agency (NSA) of numerous cyberattacks against China’s Northwestern Polytechnical University. Authorities claim the NSA stole user data and infiltrated digital communications networks.

Hackers targeted the Mexican Defense Ministry and accessed six terabytes of data, including internal communications, criminal data, and data that revealed Mexico’s monitoring of Ken Salazar, the U.S. Ambassador to Mexico. Mexican President Andres Manuel Lopez Obrador confirmed the authenticity of the data, including personal health data released to the public.

August 2022 – Data Breaches

Hackers targeted Greece’s largest natural gas distributor DESFA causing a system outage and data exposure.

A Russian group claimed responsibility for breaching a privately owned UK water supply company South Staffordshire Water and leaking files in an extortion attempt.

Hackers targeted Montenegro’s government institutions, breaching the computer systems of several state bodies. Montenegro’s Defense Minister stated there was sufficient evidence to suspect Russia was behind the attack.

July 2022 – Data Breaches

Hackers targeted Iran’s Islamic Culture and Communication Organization (ICCO). The attack took down at least 6 websites, placed images of Iranian resistance leaders on fifteen additional sites, wiped databases and computers and allowed hackers to obtain access to sensitive ICCO data.

A hacker claimed to acquire records on 1 billion Chinese from a Shanghai police database and posted the data for sale online.

China stated the United States stole 97 billion pieces of global internet data and 124 billion pieces of telephone data in June, specifically blaming the National Security Agency (NSA)’s Office of Tailored Access Operations (TAO).

Iranian actors deployed ransomware on Albanian Government networks that destroyed data and disrupted government services.

Hackers breached a Ukrainian media company to broadcast on multiple radio stations that Ukrainian President Volodymyr Zelenskyy was in critical condition. Zelenskyy refuted the claims and blamed Russia for the attack.

June 2022 – Data Breaches

Hackers targeted Harmony’s Horizon, a blockchain bridge, accessing personal data that ultimately led to the theft of approximately $100 million. Blockchain analytics firm Elliptic linked North Korea to the attack.

The FBI, National Security Agency (NSA) and CISA announced that Chinese state-sponsored hackers targeted and breached major telecommunications companies and network service providers since at least 2020.

Hackers leaked files and photos known as “The Xinjiang Police Files” displaying human rights abuses committed by the Chinese government against the Uyghur population.

May 2022 – Data Breaches

Hackers targeted Greenland’s healthcare system, causing networks to crash throughout the island. While an initial diagnosis determined the attack did not damage or expose citizens’ data, it made health services severely limited.

April 2022 – Data Breaches

Russian hackers targeted the Costa Rican Ministry of Finance in a cyberattack, crippling tax collection and export systems. The newly elected President of Costa Rica declared a national emergency as a result of the attack, and the group asked for $20 million in ransom, threatening to leak the stolen data otherwise.

March 2022 – Data Breaches

The European Banking Authority was targeted using a vulnerability in Microsoft’s mail server software, but no data was compromised. Various attacks using this vulnerability have been attributed to a Chinese government-backed actor.

February 2022 – Data Breaches

Russian state-sponsored actors hacked into numerous U.S. defense contractors between January 2020 and February 2022. The hackers exfiltrated emails and sensitive data relating to the companies’ export-controlled products and proprietary information and interactions with foreign governments.

An investigation led by Mandiant discovered that hackers linked to the Chinese government compromised email accounts belonging to Wall Street Journal journalists. The hackers allegedly surveilled and exfiltrated data from the newspaper for over two years beginning in at least February 2020.

January 2022 – Data Breaches

Hackers breached systems belonging to the International Committee of the Red Cross, gaining access to data on more than 500,000 people and disrupting their services around the world. Researchers discovered that the operation may be linked to a sprawling influence operation based in Iran.

A Chinese hacking group breached several German pharma and tech firms. According to the German government, the hack into the networks of service providers and companies was primarily an attempt to steal intellectual property.

Hackers breached the Canadian Foreign Ministry, hampering some of the Ministry’s internet-connected services. The hack came a day after the government issued a warning to bolster network security in anticipation of Russia-based cyberattacks on critical infrastructure.

November 2021 – Data Breaches

A vendor that handles data for the UK Labour Party was subject to a cyberattack, affecting the data of its members and affiliates.

The stock trading platform, Robinhood, disclosed a social engineering cyberattack that allowed a hacker to gain access to the personal information of around 7 million customers. The data included names, email addresses, and for some, date of birth, and zip codes. Following the breach, the hacker requested payment, presumably not to disclose the stolen data.

October 2021 – Data Breaches

Hackers leaked data and photos from the Israeli Defense Ministry after gaining access to 165 servers and 254 websites, overall compiling around 11 terabytes of data.

September 2021 – Data Breaches

Chinese state-linked hackers targeted Afghan telecom provider Roshan and stole gigabytes of data from their corporate mail server over the past year.

Hackers obtained 15 TB of data from 8,000 organizations working with the Israel-based company Voicenter and offered the data online for $1.5 million. Some experts have speculated the hackers have ties to Iran, but no link has been confirmed.

August 2021 – Data Breaches

A cyberattack on the government of Belarus compromised dozens of police and interior ministry databases. The hackers claim the attack is part of an attempt to overthrow President Alexander Lukashenko’s regime.

July 2021 – Data Breaches

Estonia stated a Tallinn-based hacker downloaded 286,438 ID photos from the government database, exposing a vulnerability in a platform managed by their Information System Authority (RIA).

A cyberattack gained access to 1 terabyte of data from the Saudi Arabian Oil Company through zero-day exploitation. Hackers are offering to delete the data in exchange for $50 million in cryptocurrency.

June 2021 – Data Breaches

United States Naval Institute (USNI) claimed the tracking data of two NATO ships, the U.K. Royal Navy’s HMS Defender and the Royal Netherlands Navy’s HNLMS Evertsen, was falsified off the coast of a Russian-controlled naval base in the Black Sea. The faked data positioned the two warships at the entrance of a major Russian naval base.

April 2021 – Data Breaches

New York City’s Metropolitan Transportation Authority (MTA) was hacked by Chinese-backed actors, but the actors were unable to gain access to user data or information systems.

March 2021 – Data Breaches

Ukraine’s State Security Service announced it had prevented a large-scale attack by Russian FSB hackers attempting to gain access to classified government data.

Chinese government hackers targeted Microsoft’s enterprise email software to steal data from over 30,000 organizations around the world, including government agencies, legislative bodies, law firms, defense contractors, infectious disease researchers, and policy think tanks.

February 2021 – Data Breaches

A Portuguese-speaking cyber criminal group accessed computer systems at a division of Oxford University researching COVID-19 vaccines and is suspected to be selling the data they collected to nation-states.

Hackers linked to the Vietnamese government conducted a nearly three-year cyber espionage campaign against human rights advocates in the country by using spyware to infiltrate individuals’ systems, spy on their activity, and exfiltrate data.

January 2021 – Data Breaches

Hackers linked to Hezbollah breached telecom companies, internet service providers, and hosting providers in the US, UK, Egypt, Israel, Lebanon, Jordan, Saudi Arabia, the UAE, and the Palestinian Authority for intelligence gathering and data theft.

Unidentified hackers breached one of the data centers of New Zealand’s central bank.

December 2020 – Data Breaches

On Christmas Eve, hackers hit the Scottish Environment Protection Agency with a ransomware attack. After the agency decided not to pay the ransom, the hackers published the data that had been stolen.

More than 40 Israeli companies had data stolen after Iranian hackers compromised a developer of logistics management software and used their access to exfiltrate data from the firm’s clients.

Suspected Chinese hackers targeted government agencies and the National Data Center of Mongolia as part of a phishing campaign.

Hackers accessed data related to the COVID-19 vaccine being developed by Pfizer during an attack on the European Medicines Agency.

Over 200 organizations around the world—including multiple US government agencies—were revealed to have been breached by Russian hackers who compromised the software provider SolarWinds and exploited their access to monitor internal operations and exfiltrate data.

October 2020 – Data Breaches

The FBI and CISA announced that a Russian hacking group breached U.S. state and local government networks, as well as aviation networks, and exfiltrated data.

The U.S. Department of Homeland Security revealed that hackers targeted the U.S. Census Bureau in a possible attempt to collect bulk data, alter registration information, compromise census infrastructure, or conduct DoS attacks.

August 2020 – Data Breaches

Taiwan accused Chinese hackers of infiltrating the information systems of at least ten government agencies and 6,000 email accounts to gain access to citizens’ personal data and government information.

June 2020 – Data Breaches

North Korean state hackers sent COVID-19-themed phishing emails to more than 5 million businesses and individuals in Singapore, Japan, the United States, South Korea, India, and the UK in an attempt to steal personal and financial data.

April 2020 – Data Breaches

Suspected Vietnamese government hackers used malicious apps uploaded to the Google Play app store to infect users in South and Southeast Asia with spyware capable of monitoring the target’s call logs, geolocation data, and text messages.

February 2020 – Data Breaches

Mexico’s economy ministry announced it had detected a cyber attack launched against the ministry’s networks, but that no sensitive data had been exposed.

The U.S. Defense Information Systems Agency announced it had suffered a data breach exposing the personal information of an unspecified number of individuals.

Chinese hackers targeted Malaysian government officials to steal data related to government-backed projects in the region.

January 2020 – Data Breaches

Mitsubishi announces that a suspected Chinese group had targeted the company as part of a massive cyberattack that compromised the personal data of 8,000 individuals as well as information relating to partnering businesses and government agencies, including projects relating to defense equipment.

October 2020 – Data Breaches

A state-sponsored hacking campaign knocked offline more than 2,000 websites across Georgia, including government and court websites containing case materials and personal data. More than 20 countries later attributed the attack to Russia.

India announced that North Korean malware designed for data extraction had been identified in the networks of a nuclear power plant.

Iranian hackers targeted more than 170 universities around the world between 2013 and 2017, stealing $3.4 billion worth of intellectual property and selling stolen data to Iranian customers.

A Chinese government-sponsored propaganda app with more than 100 million users was found to have been programmed to have a backdoor granting access to location data, messages, photos, and browsing history, as well as remotely activating audio recordings.

August 2019 – Data Breaches

A previously unidentified Chinese espionage group was found to have worked since 2012 to gather data from foreign firms in industries identified as strategic priorities by the Chinese government, including telecommunications, healthcare, semiconductor manufacturing, and machine learning. The group was also active in the theft of virtual currencies and the monitoring of dissidents in Hong Kong.

July 2019 – Data Breaches

Capital One reveals that a hacker accessed data on 100 million credit card applications, including Social Security and bank account numbers.

June 2019 – Data Breaches

Chinese intelligence services hacked into the Australian University to collect data they could use to groom students as informants before they were hired into the civil service.

March 2019 – Data Breaches

Indonesia’s National Election Commission reported that Chinese and Russian hackers had probed Indonesia’s voter database ahead of presidential and legislative elections in the country.

Iranian hackers targeted thousands of people at more than 200 oil and gas and heavy machinery companies across the world, stealing corporate secrets and wiping data from computers.

January 2019 – Data Breaches

The U.S. Securities and Exchange Commission charged a group of hackers from the U.S., Russia, and Ukraine with the 2016 breach of the SEC’s online corporate filing portal, which was exploited to execute trades based on non-public information.

December 2018 – Data Breaches

U.S. Navy officials report that Chinese hackers had repeatedly stolen information from Navy contractors, including ship maintenance data and missile plans.

Secretary of State Mike Pompeo confirmed that Chinese hackers breached the systems of an American hotel chain, stealing the personal information of over 500 million customers.

October 2018 – Data Breaches

The Centers for Medicare and Medicaid Services announced that hackers had compromised a government computer system, gaining access to the personal data of 75,000 people ahead of the start of ACA sign-up season.

September 2018 – Data Breaches

The U.S. Department of Justice announces the indictment and extradition of a Russian hacker accused of participating in the hack of JP Morgan Chase in 2014, leading to the theft of data from over 80 million customers.

The U.S. State Department suffers a breach of one of its unclassified email systems, exposing the personal information of several hundred employees.

Chinese hackers breached the systems of the Starwood hotel chain in 2014. It is estimated that the personal information of up to 500 million people was stolen.

July 2018 – Data Breaches

Australian National University (ANU) was found to have been breached by Chinese hackers in an attack believed to be motivated by a desire to siphon intellectual property from the institution.

June 2018 – Data Breaches

Marketing data firm Exactis suffered a data breach exposing the information of 340 million people, including their political preferences, browsing habits, and purchase data.

Chinese hackers were found to be engaged in a cyber espionage campaign to collect data from satellite, telecom, and defense organizations in the U.S. and Southeast Asia.

A Chinese hacking group targeted a national data center in a Central Asian country, preparing a watering hole attack to inject malicious code onto other government websites connecting to the data center.

Chinese government hackers compromised the networks of a U.S. Navy contractor, stealing 614 GB of data related to weapons, sensors, and communication systems under development for U.S. submarines.

April 2018 – Data Breaches

A cyber espionage campaign originating in China collected data from satellite, telecom, and defense organizations in the United States and Southeast Asia.

March 2018 – Data Breaches

A data breach of the company Under Armour compromised the information of 150 million users of its fitness and nutrition tracking app MyFitnessPal.

February 2018 – Data Breaches

German news reported that a Russian hacking group had breached the online networks of Germany’s foreign and interior ministries, exfiltrating at least 17 gigabytes of data in an intrusion that went undetected for a year.

January 2018 – Data Breaches

Norwegian officials discover a “very professional” attempt to steal patient data from a Norwegian hospital system, in an attack they speculate was connected to the upcoming NATO Trident Juncture 18 military exercise.

The Unique Identification Authority of India and its Aadhaar system are hacked by unknown actors, resulting in the personal data of more than 1 billion people being available for purchase.

December 2017 – Data Breaches

The state-owned China Aerospace Science and Industry Corporation (CASIC) is alleged to have pre-installed backdoors in biometric equipment sold to Taiwan for its e-Gate border control system. The backdoors would have allowed CASIC to gather private data on both Taiwanese and foreign citizens traveling in and out of the country since the system’s installation in 2012.

November 2017 – Data Breaches

Uber discloses that it paid hackers $100,000 to delete the stolen data of 57 million of its customers and drivers, including names, phone numbers, email addresses, and license plate numbers.

October 2017 – Data Breaches

A major wave of ransomware infections hits media organizations, train stations, airports, and government agencies in Russia and Eastern Europe. Security researchers found strong evidence linking the attack to the creators of NotPetya, and noted that the malware used leaked NSA-linked exploits to move through networks. Ukrainian police later reported that the ransomware was a cover for a quiet phishing campaign undertaken by the same actor to gain remote access to financial and other confidential data.

North Korean hackers allegedly broke into South Korea’s defense data center in 2016 and stole a large trove of sensitive documents over the course of a year, including joint U.S.-South Korean blueprints for war on the peninsula.

The Australian Government revealed that hackers compromised an Australian national security contractor in 2016 and stole large amounts of data, including information related to the development of the F-35 Joint Strike Fighter.

Yahoo updates the previous projections of 1 billion accounts affected in its massive 2013 breach, acknowledging that all 3 billion accounts were compromised.

September 2017 – Data Breaches

Credit monitoring firm Equifax disclosed a July data breach that revealed 143 million people’s full names, social security numbers, birth dates, home addresses and driver’s license numbers, as well as 209,000 credit card numbers.

July 2017 – Data Breaches

The Swedish Transport Agency’s outsourced data is hacked, potentially compromising confidential information and classified information on military plans.

Hackers attacked a partner of UniCredit, Italy’s largest bank, gaining access to loan and biographical data from 400,000 client accounts.

May 2017 – Data Breaches

Beginning in 2011, hackers from the internet security firm Boyusec compromised the networks of three companies over a multi-year period and gained access to confidential documents and data, including sensitive internal communications, usernames and passwords, and business and commercial information.

April 2017 – Data Breaches

Irish state-owned utility EirGrid suffered a security breach at the hands of state-sponsored hackers involving a virtual wiretap allowing access to the company’s unencrypted communications.

February 2017 – Data Breaches

An Iranian hacker group targeted actors associated with the U.S. defense industrial base as well as at least one human rights activist in a campaign to steal credentials and other data.

A sophisticated malware operation extracted over 600 gigabytes of data from 70 mostly Ukrainian targets in the fields of critical infrastructure, news media, and scientific research.

A suspected Russian hacker breached at least 60 universities and US government organizations using SQL injections, including HUD, NOAA, Cornell University, and NYU, among many others. This follows up on a hack by the same actor against the U.S. Electoral Assistance Commission in December 2016.

December 2016 – Data Breaches

Yahoo revealed that its systems had been intruded into in August 2013 and that the breach compromised one billion user accounts. Compromised data included usernames, email addresses, phone numbers, dates of birth, passwords, and security questions and answers. The data was posted for sale for $200,000 or the best offer on underground forums.

November 2016 – Data Breaches

The hard-drive-wiping “Shamoon” virus used against Saudi Aramco in 2012 was deployed against four Saudi Arabian government agencies. The attack wiped data on thousands of computers at Saudi’s General Authority of Civil Aviation and other agencies.

August 2016 – Data Breaches

A cybercriminal gang purportedly from Russia breached enterprise software company Oracle’s systems, possibly installing malware on point-of-sale (POS) systems. The POS malware would then allow hackers to gain access to financial information in data breaches at major retailers.

Designs and data regarding India’s Scorpene submarines were leaked from the French shipbuilder DCNS. DCNS also builds submarines for Malaysia and Chile and recently won contracts to build submarines for Brazil and Australia.

July 2016 – Data Breaches

A Chinese cyber espionage group targeted defense industries in Russia, Belarus, and Mongolia with APTs using phishing campaigns to exfiltrate data.

May 2016 – Data Breaches

Germany’s domestic intelligence agency accused Russia of perpetrating a series of cyber attacks on the German Bundestag in 2015. The attackers made off with an undisclosed amount of data.

April 2016 – Data Breaches

The Philippine Commission on Elections (COMELEC) database was breached, exposing the personal information of all 55 million registered Filipino voters, including fingerprint data, passport numbers and expiry dates, and intentions to run for office.

North Korean hackers stole warship blueprints from the database of a South Korean shipbuilder.

March 2016 – Data Breaches

Finland’s foreign ministry discovered it had been the victim of a four-year breach in its computer network.

February 2016 – Data Breaches

Hackers breached the U.S. Department of Justice’s database, stealing and releasing the names, phone numbers, and email addresses of 30,000 DHS and FBI employees.

The Internal Revenue Service (IRS) announced that a breach of its systems in May 2015 had compromised over 700,000 American taxpayers. The IRS suspected that a Russian tax fraud operation is responsible for the breach.

July 2015 – Data Breaches

United Airlines revealed that its computer systems were hacked in May or early June, compromising manifest data that detailed the movements of millions of Americans. The report, citing “several people familiar with the probe,” stated that the group behind this attack is the same group suspected of the Office of Personnel Management hack discovered in June.

Hacking Team, an Italy-based firm accused of the unethical sale of surveillance technology worldwide, was hacked and hundreds of gigabytes of sensitive data were stolen. Confidential documents leaked by the hackers appeared to show Hacking Team’s material support for authoritarian governments such as those in Sudan, Ethiopia, Morocco, and the United Arab Emirates.

The website of the Permanent Court of Arbitration in The Hague went offline in an incident that sources are connecting to hearings regarding China’s claims to territory in the South China Sea. The breach was traced back to an IP address in China. The vulnerability spread malware to the devices of website visitors.

June 2015 – Data Breaches

Japan Pension Service (JPS) was hacked resulting in the exfiltration of personal data belonging to 1.25 million people.

German media reports that hackers breached the lower house of parliament on the Bundestag network and exfiltrated data from over 20,000 accounts. German weekly Der Spiegel said that the Kremlin is the primary suspect behind the attack and that the malware involved closely resembles that used in a 2014 attack on a German data network.

May 2015 – Data Breaches

Hong Kong-based undersea cable company Pacnet’s business management systems were breached by malicious software that accessed sensitive data stored on a SQL server.

Chinese hackers exfiltrated significant amounts of customer data from United Airlines.

The Yemen Cyber Army claims it breached a server belonging to the Saudi Ministry of Foreign Affairs. The hackers leaked the alleged login credentials of Saudi officials, as well as usernames, phone numbers, and email addresses.

February 2015 – Data Breaches

Anthem, a U.S. health insurance company, is hacked, resulting in the theft of 80 million customers’ personally identifiable information. The information was taken from an unencrypted database. This may have been part of a larger campaign that included the OPM hack.

November 2014 – Data Breaches

Sony Pictures Entertainment is hacked with malware deleting data and the hackers posting online employees’ personal information and unreleased films. An FBI investigation revealed North Korea to be behind the attack.

September & October 2014 – Data Breaches

Ten percent of Dairy Queen outlets are hacked and customer credit card data is compromised. Like the Target hack, hackers reportedly exploited a third-party system to obtain access.

The Department of State reports breaches of its unclassified networks and shuts down its entire unclassified email system to repair possible damage. A month later, “suspicious cyber activity” was noticed on a White House computer network, but the White House said that no classified networks had been breached.

Home Depot reports a server breach affecting 56 million debit cards in the U.S. and Canada.

July 2014 – Data Breaches

Hackers in Eastern Europe breached energy sectors in the U.S., Spain, France, Italy, Germany, Turkey, and Poland in a major cyberespionage campaign.

U.S. Office of Personnel Management networks that contain information on thousands of applicants for top-secret clearances are breached.

May 2014 – Data Breaches

Alleged Chinese hackers posed as C-Suite executives in a spear phishing campaign to access the network of Alcoa. The hackers stole 2,907 emails and 863 attachments.

Chinese military hackers targeted six American companies in the power, metals, and solar products industries and stole trade secret information. The U.S. Department of Justice indicted them and identified them as members of the People’s Liberation Army Unit 61398.

March 2014 – Data Breaches

The OPM contractor responsible for U.S. security clearance background investigations is breached, allegedly by Chinese hackers.

Cybercriminals steal 40 million credit card numbers from Target, with an additional 70 million accounts compromised.

Indian Army and DRDO computers (Defense Research and Development Organization) were hacked, and the Indian government warned that the spyware could read the files of computers not even connected to the internet.

January 2014 – Data Breaches

Hackers targeted 28 embassies in Tehran using emails about the Syrian conflict that contained new data-mining malware.

October & November 2013 – Data Breaches

Federal prosecutors announced that Vietnamese cyber criminals obtained as many as 200 million personal records, including Social Security numbers, credit card data, and bank account information.

Finland’s Foreign Minister reports that hackers breached Finland’s diplomatic communications.

May 2013 – Data Breaches

The Syrian Electronic Army claims to have breached the Saudi Arabian Ministry of Defense email system and leaked several confidential emails.

Over the course of the month, unknown hackers breached major automotive parts suppliers in North America and Europe.

February 2013 – Data Breaches

DHS says that between December 2011 and June 2012, cyber criminals targeted 23 gas pipeline companies and stole information that could be used for sabotage purposes. Forensic data suggests the probes originated in China.

August & September 2012 – Data Breaches

Chinese hackers infiltrated Telvent Canada, an industrial automation company, and stole data related to SCADA systems throughout North America.

A group called “Cutting Sword of Justice” linked to Iran claimed it has used the “Shamoon” virus to attack Aramco, a major Saudi oil supplier, deleting data on 30,000 computers and infecting (without causing damage) control systems. The attack also affected the Qatari company RasGas, a major LNG supplier.

June & July 2012 – Data Breaches

Indian naval officials confirmed that a virus had collected data from sensitive computer systems at the country’s Eastern Naval Command headquarters and sent the data to Chinese IP addresses. The virus allegedly entered the Navy’s network via infected USB drives, which were used to transfer data from standalone computers holding sensitive files to networked systems.

A Trojan nicknamed “Mahdi” was found gathering data from approximately 800 critical infrastructure engineering firms, government agencies, financial houses, and academia throughout the Middle East and beyond, predominantly in Israel and Iran. The virus contains Persian language strings.

DHS reported that between December 2011 and June 2012, hackers targeted 23 gas pipeline companies and stole information that could be used for sabotage purposes. Forensic data suggests the probes originated in China.

April 2012 – Data Breaches

Iran was forced to disconnect key oil facilities after a cyberattack against internal computer systems. The malware was found inside the control systems of Kharg Island – Iran’s main oil exporting terminal. Equipment at Kharg Island and at other Iranian oil plants was disconnected from the internet as a precaution. Iran reported that oil production was not affected, but the websites of the Iranian oil ministry and national oil company were forced offline and data about users of the sites was taken as a result of the attack.

November 2011 – Data Breaches

Norway’s National Security Agency (NSM) reported that at least 10 major Norwegian defense and energy companies were hacked. The attacks were specifically “tailored” for each company, using an email phishing scheme. NSM said that the attacks came when the companies, mainly in the oil and gas sectors, were involved in large-scale contract negotiations. The hacking occurred over the course of 2011, with hackers gaining access to confidential documents, industrial data, usernames and passwords.

September 2011 – Data Breaches

A computer virus from an unknown source introduced “keylogger” malware onto ground control stations for US Air Force UAVs and, according to press reports, infected both classified and unclassified networks at Creech Air Force Base in Nevada. The US did not lose control of any drone nor does it appear that any data was exfiltrated, but the malware was persistent and took several attempts to remove.

July 2011 – Data Breaches

South Korea said hackers from China had penetrated an internet portal and accessed phone numbers, e-mail addresses, names and other data for 35 million Koreans.

The German Bundespolizei (Federal Police) and the Bundeszollverwaltung (Federal Customs Service) discovered that servers used to locate serious criminals and terrorism suspects by gathering information from GPS systems in cars and mobile phones had been penetrated (using a phishing attack) as early as 2010. Following the cyberattack, the relevant servers had to be temporarily shut down to prevent further data losses.

June 2011 – Data Breaches

Citibank reported that credit card data for 360,000 of its customers were exfiltrated using a relatively simple manipulation of URLs.

The IMF’s networks were reportedly compromised by a foreign government using fraudulent emails with malware attachments, and a “large quantity of data, including documents and e-mails,” was exfiltrated.

May 2011 – Data Breaches

Cybercriminals masquerading as members of the hacktivist group “Anonymous” penetrated the PlayStation network. Sony estimated that personal information for more than 80 million users was compromised and that the cost of the breach was over $170 million.

April 2011 – Data Breaches

Employees at Oak Ridge National Laboratory received bogus emails with malware attachments. Two machines were infected and “a few megabytes” of data were extracted before the Lab was able to cut its internet connection. Oak Ridge was the target of an intrusion in 2007.

Google reported a phishing effort to compromise hundreds of Gmail passwords for the accounts of prominent people, including senior U.S. officials. Google attributes the effort to China.

Hackers used phishing techniques in an attempt to obtain data that would compromise RSA’s SecurID authentication technology. The data acquired was then used in an attempt to penetrate Lockheed Martin’s networks.

December 2010 – Data Breaches

India’s Central Bureau of Investigation (CBI) website was hacked and data was erased. India blames Pakistani hackers. Sensitive CBI data, stored on a computer not easily accessible from the Internet, was unaffected.

May 2009 – Data Breaches

The Homeland Security Information Network (HSIN) was hacked by unknown intruders. The hackers gained access to the data by getting into the HSIN account of a federal employee or contractor. The bulk of the data obtained was federal, but some state information was also accessed.

May 2010. Chinese hackers breached the computer network of the U.S. Chamber of Commerce and stole information related to U.S. industries.

April 2009 – Data Breaches

Wall Street Journal articles laid out the increasing vulnerability of the U.S. power grid to cyberattacks and also highlighted the intrusions into F-35 databases by unknown foreign intruders.

February 2009 – Data Breaches

French naval aircraft were grounded after military databases were infected with the “Conficker” virus. Naval officials suspected someone in the Navy had used an infected USB key.

November 2008. Hackers breached networks at Royal Bank of Scotland’s WorldPay, allowing them to clone 100 ATM cards and withdraw over $9 million from machines in 49 cities.

November 2008. Chinese hackers infiltrated the computer networks of three major oil companies and stole trade secret information.

October 2008 – Data Breaches

Police discovered a highly sophisticated supply chain attack where credit card readers made in China and used in UK supermarkets had a wireless device inserted in them. The device copies a credit card when it is inserted, stores the data, and transfers the data it has collected once a day via a WiFi connection to Lahore, Pakistan. The estimated loss is $50 million or more. The device could be instructed to collect only certain kinds of cards (such as gold cards), or to go dormant to evade detection.

July 2008 – Data Breaches

Marathon Oil, ExxonMobil, and ConocoPhillips were hacked and lost data detailing the quantity, value, and location of oil discoveries around the world. One company put losses in the millions.

The databases of both Republican and Democratic presidential campaigns were hacked and downloaded by unknown foreign intruders.

October 2007 – Data Breaches

More than a thousand staffers at Oak Ridge National Labs received an email with an attachment that, when opened, provided unknown outsiders with access to the Lab’s databases.

December 2007 – Data Breaches

Chinese hackers breached the Pentagon’s Joint Strike Fighter project and stole data related to the F-35 fighter jet.

August 2006 – Data Breaches

A senior Air Force Officer stated publicly that, “China has downloaded 10 to 20 terabytes of data from the NIPRNet (the unclassified military network).”

The Year 2003 – Data Breaches

Chinese hackers exfiltrated national security information from Naval Air Weapons Station China Lake, including nuclear weapons test and design data, and stealth aircraft data.