Major IT security, cybercrime & cyberwar incidents

Last update: 2016-09-01

Distributed Denial of Service (DDoS) attacks are not included in this list, as they are annoying but not sophisticated attacks.

2017 | 2016 | 2015 | 2014 | 2013 | 2012 | 2011 | 2010 | 2009


  • 09/2017 Equifax Breach
  • 2016

    • 07/2016 DNC Email leak
      During the U.S. presidential campaign a collection of Democratic National Committee (DNC) emails was leaked through WikiLeaks.
    • 04/2016 Panama Papers Leak
      More than 11 million documents (2.6 TB) on offshore companies leaked to the press.
    • 04/2016
      Hackers publish sensitive data about 49 million Turkish citizens.
    • 03/2016 "Billion" Dollar Cyber Heist
      Hackers use SWIFT to transfer 971 million USD owned by the central bank of Bangladesh into foreign accounts. Most of it can be retrieved, but 81 million USD is lost.



    • 08/2014: possibly largest password theft ever
      According to Hold Security, Russian hackers stole more than a billion username/password combinations from more than 400,000 websites. At the request of the New York Times, an unaffiliated expert confirmed this. However, Bruce Schneier still seems to be sceptical.
    • 06/2014: The U.S. Justice Department secretly seized control over networks used to control GameOver Zeus and CryptoLocker
      NYT article
    • 05/2014: U.S. Charges Five alleged Chinese Military Hackers for Cyber Espionage
      First time criminal charges are filed against state actors for hacking.
      see: DoJ press announcement | NYT coverage
    • Heartbleed bug
      Some OpenSSL libraries did not properly handle Heartbeat Extension packets, which allowed remote attackers to obtain sensitive information - like private keys - from process memory. (see here | CVE-2014-0160)
    • Mt.Gox
    • The Mask
      Very complex malware (rootkit, bootkit, versions for multiple operating systems, ...) found by Kaspersky. Presumably state-sponsored. Bruce Schneier hypothesizes that Spain may be behind this. According to Kaspersky, the campaign was active for at least five years until January 2014.


    • Massive data theft at Target stores
      During the 2013 holiday season credit card details and other data of up to 70 million customers of US retailer Target were stolen.
    • PRISM revealed
      Documents about the classified electronic surveillance program operated by the National Security Agency were leaked to news media.
      Bruce Schneier on "NSA Surveillance and What To Do About It"
    • Red October / Rocra
      Discovered by Kaspersky Labs in October 2012 and made publicly known in January 2013. Red October seems to be a very advanced cyber-espionage tool that was around for at least 5 years. Kaspersky Labs published a detailed report of their investigations.


    • Cyberattack on Saudi Aramco
      In August 2012 a virus erased data on three-quarters of the oil company's computers and replaced it with an image of a burning US flag. (NYT)
    • Flame


    • Lockheed Martin : network intrusion
      Hackers got into the military contractor's network, which had to be shut down to stop the attack. The attack may be linked to a data breach at RSA that could possibly have compromised some of the security tokens used at Lockheed Martin. (more on this)
    • Sony Playstation Network hacked
      Massive data theft. More on BBC News.
    • Anonymous vs HBGary
      See Ars Technica for a detailed report on this.


    • Wikileaks: US Embassy Cables 1966 – 2010 ("Cablegate")
    • Wikileaks: Iraq War Logs
    • Stuxnet / Operation Olympic Games
      Stuxnet was a complex worm created to sabotage Iran's nuclear programme. There was speculation that Stuxnet forced Iran to temporarily stop enriching uranium.
      NYT on Operation "Olympic Games"


    • Ghostnet
    • F35 Hack
      It has been revealed that hackers stole thousands of confidential documents on the F-35 Joint Strike Fighter design. See CNN and WSJ.