Back Catalogue of Hacks, Leaks and Compromises

Updated: 09-06-11

Please Note: Reading this article may leave you with feelings of paranoia and scepticism; this is a perfectly healthy approach to staying safe on-line

This is a brief summary of recent and notable websites and services that have been compromised in one way or another.  It is intended to highlight that no matter how big, skilled or trusted an organisation might be it seems that nobody is 100% safe on the web.  It only includes malicious activity and does not include accidental or careless mistakes.

You can take this one of two ways; 1) panic that nothing is safe and unplug everything, vowing never to go on-line ever again or 2) accept that nothing is safe and do the few little things that are within your power to minimise the risk of being violated** if any website that you use becomes a victim.

This list is in no particular order, is far from exhaustive and I’ll update it as new compromises are made public…

Updated: 09-06-11

• Sony (again)
• Who: Electronics and media manufacturer
• When: May + June 2011
• What: Several Sony owned or related websites have been compromised by hackers to varying degrees including (but not limited to) any or all of the following; defacing a public website, leaking administration details, leaking customer information including usernames and passwords, acquiring voucher codes
• Why: These attacks are being carried out by various groups and individuals, some are intended to highlight flaws in Sony’s security and that they are compromising the privacy and security of their customers while others are in retaliation to behaviour from Sony that some perceive to be malicious such as criminal charges against George Hotz
• More: Naked Security – Sophos | IB Times | Wall Street Journal
• Citigroup
• Who: American multinational financial services company
• When: May 2011
• What: Hackers obtained personal information on 200,000 including name, email address and account numbers – other information was not compromised including social security numbers, card details security codes
• More: Reuters | Naked Security – Sophos
• Lockheed Martin, L3, Northrop Grumman
• Who: US Department of Defence contractors – manufacturer of aeronautical and munitions equipment
• When: May 2011
• What: Several highly targeted attacks that used information garnered from the earlier RSA SecurID compromise, all three companies reportedly survived the attacks with no data compromised
• More: CNN | Reuters | Reuters | Naked Security – Sophos

• PBS
• Who: “Public Broadcasting Service” US TV channel
• When: May 2011
• What: Username and hashed passwords leaked, public website defaced in response to WikiLeaks reporting
• More: http://www.theregister.co.uk/2011/05/31/pbs_hacked
• Honda Canada
• Who: Car manufacturer division
• When: May 2011 (anounced in May, leak occured in March)
• What: Name, address and Vehicle Identity Number of 283,000 customers was leaked following a successful hack
• More: http://nakedsecurity.sophos.com/2011/05/29/honda-canada-loses-283000-records-now-faces-lawsuit
• Hotmail (again)
• Who: One of the worlds largest free public email service providers from Microsoft
• When: May 2011
• What: Emails being leaked in targeted attacks that exploited a bug Hotmail scripts – The bug has already been fixed
• More: http://www.theregister.co.uk/2011/05/24/microsoft_hotmail_email_theft_attack
• Nasa
• Who: The people that send people into space
• When: May 2011
• What: A prolific hacker compromised a web server and posted inoffensive details on-line to demonstrate the weakness, despite their actions being illegal and potentially damaging the hacker was working with good intentions and not to cause harm or for profit
• More: http://nakedsecurity.sophos.com/2011/05/19/tinkode-hacks-into-nasa-servers-posts-evidence-of-breach-online
• Sony - PlayStation Network and Qriocity
• Who: On-line game store, community and streaming media
• When: April 2011
• What: Customers name, address, email address, date of birth, username, and password details leaked
• More: http://www.telegraph.co.uk/technology/sony/8476152/Sony-PlayStation-Hack-statement-in-full.html
• Google, Adobe, Juniper, Rackspace, Yahoo, Symantec, Morgan Stanley and others
• Who: A lot of really, really big names
• When: December 2009
• What: “Operation Aurora” was an advanced and persistent targeted attack resulting in undisclosed data leaks across as many as twenty world leading organisations
  
• More: http://www.nytimes.com/2010/04/20/technology/20google.html
• HBGary
• Who: IT Security company, advisors and providers to US Federal Government and private companies
• When: February 2011
• What: Thousands of internal documents, emails, financials and staff personal information leaked – staff’s personal email accounts, social network accounts and websites compromised – data stores, servers and backups deleted
• More: http://www.guardian.co.uk/commentisfree/cifamerica/2011/feb/17/wikileaks-internet
• RSA
• Who: Worlds largest provider of secure two-factor authentication (SecurID)
• When: March 2011
• What: Central servers hacked and fundamental data was retrieved that effectively renders two-factor authentication worthless for millions of users across thousands of organisations
• More: http://www.engadget.com/2011/03/18/rsa-hacked-data-exposed-that-could-reduce-the-effectiveness-o
• Comodo (more so several vendors and partners)
  
• Who: Third largest Certificate Authority, issuing around 15% of all SSL Certificates
• When: March 2011
• What: False certificates were issued meaning the attackers could direct you to a fake website (google, live, skype, yahoo, mozilla) and your PC would verify their fake website as legitimate and secure
• More: http://nakedsecurity.sophos.com/2011/03/24/fraudulent-certificates-issued-by-comodo-is-it-time-to-rethink-who-we-trust
• Nasdaq
• Who: The company responsible for running one of the American stock exchanges
• When: February 2011
• What: Unauthorised access to the stocks trading platform, no leaks or damage were reported
• More: http://online.wsj.com/article/SB10001424052748704709304576124502351634690.html
• Hotmail
• Who: One of the worlds largest free public email service providers from Microsoft
• When: October 2009
• What: Not really a compromise but 10,000 email addresses and passwords were harvested and leaked through a widespread phishing attack
• More: http://www.telegraph.co.uk/technology/microsoft/6264539/Microsoft-Hotmail-leak-blamed-on-phishing-attack.html
• WordPress
• Who: Blog service provider, yeah, this one
• When: April 2011
• What: Servers were compromised and infrastructure code was obtained, possibly including some internal passwords and possible resulting in hosted blogs distributing malware
• More: http://www.theregister.co.uk/2011/04/13/wordpress_hack_attack | http://blog.trendmicro.com/wordpress-blogs-suffer-mass-compromise
• Epsilon
• Who: One of the worlds largest email marketing service providers for the likes of Barclaycard US, Capital One, JPMorgan, CitiGroup, Tivo, Walt Disney Destinations, Best Buy and others
• When: April 2011
• What: Millions of names and email addresses for customer of 2,500 firms were stolen, raising the risk of targeted phishing attacks
• More: http://www.guardian.co.uk/technology/2011/apr/04/epsilon-email-hack
• Gawker.com
• Who: Tech and gadget news aggregator
• When: December 2010
• What: Members username and password details leaked
• More: http://www.bbc.co.uk/news/technology-11998648
• Lush Cosmetics
• Who: Commercial shopping website of the high street cosmetics retailer
• When: January 2011
• What: Customer Credit Card details leaked
• More: http://www.guardian.co.uk/money/2011/jan/21/lush-website-hack-customers-fraud
• Daily Telegraph
• Who: Newspaper
• When: April 2010
• What: Websites defaced
• More: http://www.itpro.co.uk/622438/hackers-deface-telegraph-sites-over-gypsies-slight
• Unanimis and others
• Who: Advertising service providers used by BBC, AutoTrader, London Stock Exchange, Ebay, Spotify, Facebook and others
• When: February+March 2011
• What: Advertising servers were compromised and malicious code injected into adverts that were displayed on several high profile websites, leading to widespread infections of people that visited the affected websites
• More: http://www.thesecurityblog.com/2011/03/this-month-in-the-threat-webscape-february-2011 | http://community.websense.com/blogs/securitylabs/archive/2011/02/15/bbc6-website-injected-with-malicious-code.aspx
• eHarmony Advice
• Who: Ancillary message board to eHarmony dating website
• When: February 2011
• What: Members username, email address and passwords leaked
• More: http://techland.time.com/2011/02/11/eharmony-hacked-kind-of
• PlentyOfFish
• Who: Dating website
• When: January 2011
• What: Members username, email addresses and passwords leaked
• More: http://mashable.com/2011/01/31/plentyoffish-hacked-usernames-and-passwords-stolen
• Chain Reaction Cycles
• Who: Shopping website popular amongst cycling enthusiasts
• When: March 2011
• What: Customer Credit Card details leaked
• More: http://www.theregister.co.uk/2011/03/17/cc_fraud_follows_bike_store_purchases

---

** I’ll explain in more detail just how you might find yourself violated in another post soonI’ll also post a similar back catalogue of recent notable computer infection outbreaks; to include them here would make the list a tad overwhelming!

---

Image Attribution: Thanks to Salvatore Vuono @ FreeDigitalPhotos.net for both images

About these ads